I'm trying to establish an IPSec tunnel between ShrewSoft VPN Client v2.1.0 and Cisco 2611 in Lab environment, but with no luck. The debug shows that the preshared authentication doesn't match (see the attached files). Cisco VPN IP is 172.16.0.1, the host IP - 192.168.0.2, no NAT is configured in Lab environment. I checked both Cisco and VPN client Phase 1 - Phase 2 parameters and preshared key several times and they seem to match (see shrewsoft screenshots). I also tried configuring IPSec using dynamic crypto maps and got the same error. But if I set an IP address as the Local Identity string instead of VPN group and also set the IP parameters statically in ShrewSoft, it connects successfully. Could you please advise any solution or point to the mistake I've made? Maybe you could also post a working shrewsoft vpn client configuration?