From: paul_d_smith@x-hotmail.com   
      
   ...snip...   
   >>  I hadn't appreciated that the initial offer could contain both.   
   >   
   > Sorry, I got them the wrong way around (that's what I get for posting   
   > early in the morning): as noted above it is the responder that can be   
   > configured with both aggressive and main mode.  The initiator can only   
   > offer one, at least within a single negotiation.  In theory the   
   > initiator can offer both in the sense that it can try one (say   
   > aggressive) and if it doesn't negotiate within some configurable limit   
   > try the other.  However, I'm not aware of such a client.   
      
   Stephen, thanks for clarifying.  The background to this is that the Cisco   
   VPN Client with shared key tries Aggressive Mode but my Netgear DG834G only   
   supports Main Mode.  Unfortunately the Netgear doesn't like the Cisco offer   
   and the Cisco doesn't like the Netgear response (to the extend that it drops   
   it, according to the logs) and keeps retrying the Aggresssive Offer.   
      
   My "cunning plan" is to investigate whether there is a suitable response to   
   the Aggressive Mode offer that will make the Cisco client then try Main   
   Mode.  This is a vanity project and as much for my education as anything   
   else.   
      
   Thanks again, your answer should be very useful.   
   Paul DS.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)