npl102
Jan 09, 2016 (Initiate)
UTM25 SHA2-512 Integrity not working with VPN Client Pro
UTM25 FW version 3.6.2-4, VPN Client Pro version 6.12.001. I've had some strange issues getting the VPN Client Pro to work with the UTM25 with different encryption settings. It seems that I can't...
npl102
Jan 13, 2016 (Initiate)
Hello DaneA,
A. I tried 3 different machines: Windows 7 Professional 32, Windows 7 Ultimate 32 and Windows 7 Ultimate 64. All with identical results.
B. Have not tried Client-to-UTM5. UTM 5 is configured at a remote office. The Gateway-to-Gateway connection between the UTM5 and UTM25 is working fine with: AES256, SHA-256, DH16 for both the IKE and VPN policies.
C. This is a new configuration that I’m trying to get up and have only tried the latest version (v3.6.2-4) on both boxes.
As I mentioned, I’m using Mode Config on the UTM25 for the Client-to-box configuration. Any combination of settings works as long as the Integrity Algorithm is SHA-1 for the Mode Config TSL. If I change the Integrity Algorithm to SHA-256 or SHA-512, it will open the tunnel, but I can’t ping anything from the remote PC.
Below is a table showing the various combinations I’ve tried. Most of them work (I can access the network when the tunnel is opened) except for the 2 in red. In all cases the VPN Client Professional software shows the tunnel is open, I get an IP address from the pool and the DPD_R_U_THERE and DPD_R_U_THERE_ACK messages are being passed back-and-forth (shown in the console as I have dead peer detection enabled).

IKE
Encryption | 3DES | AES256 | AES256 | AES256 | AES256 | AES256 | AES256
Authentication | SHA-1 | SHA-1 | SHA-512 | SHA-512 | SHA-512 | SHA-512 | SHA-512
Key Group | DH2 | DH2 | DH2 | DH2 | DH2 | DH16 | DH16

Mode Config TSL
Encryption | 3DES | AES256 | AES256 | AES256 | AES256 | AES256 | AES256
Authentication | SHA-1 | SHA-1 | SHA-1 | SHA-256 | SHA-512 | SHA-1 | SHA-1
PFS | DH2 | DH2 | DH2 | DH2 | DH2 | DH2 | DH16

Open Tunnel | YES | YES | YES | YES | YES | YES | YES
Communicate | YES | YES | YES | NO | NO | YES | YES
DaneA
Jan 13, 2016 (NETGEAR Employee Retired)
Hi npl102,
With regard to the isolation of the problem you did, I encourage you to open an online case with NETGEAR Support and report your concern. It is possible that VPN logs will need to be analyzed as well.
Regards,
DaneA
NETGEAR Community Team