chirag11
Nov 20, 2016 (Aspirant)
SRX5308 - VPN Connected but cannot ping any servers using Shrew VPN
Hello,
I am new to VPN setup but have spent the last 2 days working on this and have read multiple forums and threads, but it is still not resolved...
The issue is - I am able to establish vpn connection, but cannot access anything on the router side, cannot even ping the router...
Now the details:
I am working with SRX5308.
- I have created an IKE Policy named gate1 (see screenshot).
- I am using Mode Config (second screenshot below)
- I also created a User called "client1" as IPSEC VPN user and using Edge device validation.
- I opened Firewall port 500 UDP (see third screenshot - Did I do it correctly?)
ON LAPTOP
On a laptop that's on a different internet connection (using an iPhone hotspot), in the Shrew VPN client, I created a new connection and used "Mutual PSK + XAuth".
I am able to establish a connection in VPN client.
When I do ipconfig, I can see that I got the IP 192.168.6.10 assigned on my laptop (as expected due to Mode Config)
However, if I do "ping 192.168.3.1" I cannot reach the router. I also tried to ping other computers, but cannot reach any of them (Note 192.168.3.1 is the router - SRX5308's ip address).
On SRX5308 ---> Monitoring --> VPN Logs, I see the below issue - I am stuck at this point.
Please advise... On VPN Client, I tried changing various settings, but I have not been able to ping anything behind the router... THIS IS VERY FRUSTRATING...
Sun Nov 20 11:13:21 2016 (GMT +0000): [SRX5308] [IKE] ERROR: packet shorter than isakmp header size.
Sun Nov 20 11:13:19 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Ignore information because ISAKMP-SA has not been established yet.
Sun Nov 20 11:13:16 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Ignore information because ISAKMP-SA has not been established yet.
Sun Nov 20 11:13:13 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Phase 1 negotiation failed due to time up for 172.56.31.16[37254]. bcd2a0e0562bd9e8:2e68acd54f3fa810
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Malformed packet of payload length 33808 and total length 48.
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Beginning Identity Protection mode.
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Anonymous configuration selected for 172.56.31.16[37254].
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Malformed packet of payload length 16224 and total length 48.
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Beginning Identity Protection mode.
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Anonymous configuration selected for 172.56.31.16[37254].
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Ignored attribute 28680
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Ignored attribute 28677
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Cannot open "/etc/motd"
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] WARNING: Ignored attribute 28678
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Ignored attribute 28674
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] WARNING: Ignored attribute 5
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: 192.168.6.10 IP address is assigned to remote peer 172.56.31.16[28685]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received attribute type "ISAKMP_CFG_REQUEST" from 172.56.31.16[28685]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: XAuthUser client1 Logged In from IP Address 172.56.31.16
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Login succeeded for user "client1"
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received attribute type "ISAKMP_CFG_REPLY" from 172.56.31.16[28685]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: ISAKMP-SA established for 192.168.3.1[500]-172.56.31.16[28685] with spi:b29714d3c1a94469:6490d26401923747
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Sending Xauth request to 172.56.31.16[28685]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: KA list add: 192.168.3.1[500]->172.56.31.16[28685]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Floating ports for NAT-T with peer 172.56.31.16[28685]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: NAT detected: PEER
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: NAT-D payload does not match for 172.56.31.16[37254]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: NAT-D payload matches for 172.248.16.22[500]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: For 172.56.31.16[37254], Selected NAT-T version: RFC 3947
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: DPD
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: RFC 3947
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received unknown Vendor ID
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Beginning Identity Protection mode.
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Anonymous configuration selected for 172.56.31.16[37254].
MODE CONFIG -- NOTE My Router (SRX5308) IP has been changed to 192.168.3.1 and so I added that as the DNS. I have a second router for Wifi plugged in and it has IP 192.168.2.1 but the second router is not important at this time...
1 Reply
- Dan_Z (NETGEAR Expert)
Hi chirag11,
Welcome to the community!
Please try below suggestions:
1. Delete LAN WAN inbound rules.
2. Edit Remote FQDN Identifier 0.0.0.0 on IKE policy page.
Thanks,
Dan
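
As an added example (not part of either post and not NETGEAR code), the script below puts an excerpt of the posted VPN log into chronological order and reports which IKE milestones it reaches. The `IPsec-SA established` pattern used for Phase 2 is an assumption based on racoon-style wording; no such line occurs in the posted log.

```python
import re
from datetime import datetime

# Excerpt of the log posted above, newest entry first as the router displays it.
LOG = """\
Sun Nov 20 11:13:13 2016 (GMT +0000): [SRX5308] [IKE] ERROR: Phase 1 negotiation failed due to time up for 172.56.31.16[37254]. bcd2a0e0562bd9e8:2e68acd54f3fa810
Sun Nov 20 11:13:09 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: 192.168.6.10 IP address is assigned to remote peer 172.56.31.16[28685]
Sun Nov 20 11:13:06 2016 (GMT +0000): [SRX5308] [IKE] INFO: Login succeeded for user "client1"
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: ISAKMP-SA established for 192.168.3.1[500]-172.56.31.16[28685] with spi:b29714d3c1a94469:6490d26401923747
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: NAT detected: PEER
Sun Nov 20 11:13:05 2016 (GMT +0000): [SRX5308] [IKE] INFO: Received request for new phase 1 negotiation: 172.248.16.22[500]<=>172.56.31.16[37254]
"""
LINE = re.compile(r"^(\w{3} \w{3} +\d+ [\d:]+ \d{4}) \(GMT [+-]\d{4}\): \[\S+\] \[IKE\] (\w+): (.*)$")
# Session milestones, matched on the router's wording. The Phase 2 pattern is an
# assumption (racoon-style wording); no such line appears in the posted log.
STAGES = {
    "phase1_request": "Received request for new phase 1 negotiation",
    "nat_detected": "NAT detected",
    "phase1_established": "ISAKMP-SA established",
    "xauth_ok": "Login succeeded for user",
    "mode_config_ip": "IP address is assigned to remote peer",
    "phase1_timeout": "Phase 1 negotiation failed due to time up",
    "phase2_established": "IPsec-SA established",
}

def timeline(log):
    """Return (HH:MM:SS, stage) pairs in chronological order."""
    hits = []
    for raw in reversed(log.strip().splitlines()):  # the log is newest-first
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip anything that is not an [IKE] log line
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        hits += [(ts.strftime("%H:%M:%S"), s) for s, text in STAGES.items() if text in m.group(3)]
    return hits

def summarize(log):
    """Which milestones were reached, and what followed the ISAKMP-SA."""
    stages = [s for _, s in timeline(log)]
    after = stages[stages.index("phase1_established") + 1:] if "phase1_established" in stages else []
    report = {s: s in stages for s in ("phase1_established", "xauth_ok", "mode_config_ip", "phase2_established")}
    report["phase1_requests_after_sa"] = after.count("phase1_request")
    report["phase1_timeouts"] = stages.count("phase1_timeout")
    return report

if __name__ == "__main__":
    print(*timeline(LOG), summarize(LOG), sep="\n")
```

On this excerpt, Phase 1, XAuth and Mode Config all complete, no Phase 2 line appears, and two further Phase 1 requests arrive from the client's original port 37254 before the timeout.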