SonicWall TZ-170 (2.2.0.0) <–> Mac OS X (10.3.4)
Joel --
Thanks for having the forum and making so many helpful replies! :D
I've been through the forum and haven't seen a solution yet, so let me ask it here:
1.0) The Mac goes through that AppleScript beeping thing, but then seems to work. (Not a major problem.)
2.0) The tunnel does not get built. SonicWall reports the connection thus:
Does anything jump out from these reports and configurations?
RECEIVED<<< ISAKMP OAK AG (InitCookie 0xacd923bb0e8c2192, MsgID: 0x0) (SA, KE, NON, ID, VID) - Source:Macintosh, 500 - Destination:SonicWall, 500 - -
IKE Responder: Received Aggressive Mode request (Phase 1) - Source:Macintosh - Destination:SonicWall - -
NAT Discovery : Peer IPSec Security Gateway doesn't support VPN NAT Traversal - Source:SonicWall - Destination:Macintosh - -
SENDING>>>> ISAKMP OAK AG (InitCookie 0xacd923bb0e8c2192, MsgID: 0x0) (SA, KE, NON, ID, VID, HASH) - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
IKE Responder: No response - remote party timeout - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
IKE Responder: No response - remote party timeout - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
Received packet retransmission. Drop duplicate packet - Source:Macintosh - Destination:0.0.0.0 - -
IKE Responder: No response - remote party timeout - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
IKE negotiation aborted due to timeout - Source:SonicWall - Destination:Macintosh - -
This indicates that the Mac gets the SonicWall's attention, but is not responding to the SonicWall's 'What's up?' reply.
Settings are as follows:
SonicWall:
IPSec Keying Mode = IKE using Preshared Secret
Name = Named specifically for this connection
IPSec Primary Gateway = 0.0.0.0
IPSec Secondary Gateway = 0.0.0.0
Shared Secret = Named specifically for this connection
Destination Network = 192.168.0.0 255.255.255.0
Default LAN Gateway = 0.0.0.0
Proposals:
Phase 1:
Exchange = Aggressive Mode
DH Group = Group 2 (Alternates are 1 & 5)
Authentication = MD5 (Alternate is SHA1)
Lifetime = 28800 seconds
Phase 2:
Protocol = ESP (Alternate is AH)
Encryption = 3DES (Alternates are DES, AES 128, AES 192, AES 256, ArcFOUR, NONE)
Authentication = SHA1 (alternates are MD5 and none)
Enable Perfect Forward Secrecy is ON
DH Group = Group 2 (alternates 1 & 5)
Lifetime = 28800 seconds
VaporSec (1.0 v100) is set up as follows:
Connection Name = SA Policy Name from above
Remote IPSec Device = SonicWall's public IP
Remote Network = 192.168.201.1/24
Local Network Mask = 24
Main Tab:
Shared Secret = shared secret from above
Local IP = 192.168.0.5 (IP assigned by home network router/firewall)
Mode = aggressive
Proposal check = Obey
Nonce size = 16
Phase 1:
Lifetime = 28800 seconds
DH Group = 2
Encryption = DES
Authentication = md5
Phase 2:
Lifetime = 28800 seconds
PFS Group = 2
Encryption = 3des
Authentication = hmac_sha1
ID:
Local = name of SA policy on SonicWall
Remote = SonicWall Serial Number (as is standard when linking two SonicWalls together)
We've twiddled around with the authentication and DH groups, changed modes to Main, Main/Aggressive, Aggressive/Main, etc., all to no avail.
At some point we managed to get past Phase 1 and started seeing 'Phase 2 Proposal does not match', but can't even get that far anymore.
Thanks in advance for any help you can give.
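The log excerpt above shows an aggressive-mode Phase 1 that stalls after the responder's reply. Here is an added Python example (not from the post, the forum, or SonicWall) that parses SonicWall IKE log lines of that shape and names the step at which the exchange stopped; the sample lines are constructed from the ones quoted above, and the line formats are assumed from them.

```python
import re
# Constructed sample: the SonicWall IKE log lines quoted in the post above (one attempt).
SAMPLE_LOG = """\
RECEIVED<<< ISAKMP OAK AG (InitCookie 0xacd923bb0e8c2192, MsgID: 0x0) (SA, KE, NON, ID, VID) - Source:Macintosh, 500 - Destination:SonicWall, 500 - -
NAT Discovery : Peer IPSec Security Gateway doesn't support VPN NAT Traversal - Source:SonicWall - Destination:Macintosh - -
SENDING>>>> ISAKMP OAK AG (InitCookie 0xacd923bb0e8c2192, MsgID: 0x0) (SA, KE, NON, ID, VID, HASH) - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
IKE Responder: No response - remote party timeout - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
IKE Responder: No response - remote party timeout - Source:SonicWall, 500 - Destination:Macintosh, 500 - -
Received packet retransmission. Drop duplicate packet - Source:Macintosh - Destination:0.0.0.0 - -
IKE negotiation aborted due to timeout - Source:SonicWall - Destination:Macintosh - -
"""

MSG_RE = re.compile(r"^(RECEIVED<<<|SENDING>>>>) ISAKMP OAK (\w+) "
                    r"\(InitCookie (0x[0-9a-f]+), MsgID: 0x[0-9a-f]+\) \(([^)]*)\)")

def stalled_step(s):
    """Name the aggressive-mode step at which the exchange stopped.
    Aggressive mode is three messages: initiator (SA, KE, NON, ID) -> responder
    (same plus HASH) -> initiator (HASH); Phase 1 is done after the third."""
    if s["mode"] != "aggressive" or not s["received"]:
        return "no aggressive-mode request seen"
    if not any("HASH" in p for p in s["sent"]):
        return "responder never replied to message 1 (check Phase 1 proposal and IDs)"
    if not any("HASH" in p for p in s["received"]):
        return "responder's reply (message 2) got no message 3 back from the initiator"
    return "Phase 1 completed"

def analyze_ike_log(text):
    """Reconstruct one Phase 1 attempt from SonicWall IKE log lines: payloads seen
    in each direction, NAT-T result, timeout/retransmit counts, and where it stalled."""
    s = {"cookie": None, "mode": None, "received": [], "sent": [], "nat_traversal": None,
         "timeouts": 0, "retransmits": 0, "aborted": False}
    for line in text.splitlines():
        m = MSG_RE.match(line)
        if m:
            direction, exch, cookie, payloads = m.groups()
            s["cookie"] = s["cookie"] or cookie
            s["mode"] = {"AG": "aggressive", "MM": "main"}.get(exch, exch)
            key = "received" if direction.startswith("RECEIVED") else "sent"
            s[key].append([p.strip() for p in payloads.split(",")])
        elif "NAT Traversal" in line:          # NAT Discovery outcome
            s["nat_traversal"] = "doesn't support" not in line
        elif "remote party timeout" in line:
            s["timeouts"] += 1
        elif "Drop duplicate packet" in line:  # initiator retransmitting message 1
            s["retransmits"] += 1
        elif "negotiation aborted" in line:
            s["aborted"] = True
    s["stalled_at"] = stalled_step(s)
    return s
```

For the sample above the result names the missing third message, and also records that NAT Traversal was not negotiated, which is worth checking when the client sits behind a home router.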