this message tells us that there is an incoming main mode ipsec connection attempt from an IP address we are not expecting a connection from.
Thanks for the reply.
I had Googled the error and found an explanation that indicated what you said, except for the policy portion. I checked the setup on both ends and as far as I can tell, it's correct--which might explain why the tunnel is working. Both ends list the keying as Aggressive mode (IKE) and I am not sure if that is correct since it's saying Main Mode in the error.
The remote unit is a 570 with 3.2.2, wondering if that has some bearing.
Maybe I will delete both ends of the tunnel and recreate.
Any other suggestions?
have you confirmed that the error messages relate to your remote unit, and not some other unit ?
you should see an IP address the main mode connection log attempt that it is coming from...is that an IP you expect ?