
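[Help] Does anyone have detailed configuration material for combining L2TP and IPsec?

Does anyone have detailed configuration material for combining L2TP and IPsec?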



Brothers, can anyone help me!!!


2008-5-17 11:55:51 ISAKMP: received packet from 60.14.184.198
2008-5-17 11:55:51 ISAKMP: new state 44
2008-5-17 11:55:51 ISAKMP: state 44 bind conn '2 testvpn 1 d44'
2008-5-17 11:55:51 responding to Main Mode from Road Warrior 60.14.184.198
2008-5-17 11:55:51 ISAKMP(44): processing ISAKMP-SA payload.
2008-5-17 11:55:51 ISAKMP(44): Checking ISAKMP transform 1
2008-5-17 11:55:51       encrypt:  OAKLEY_3DES_CBC
2008-5-17 11:55:51       hash:     OAKLEY_SHA
2008-5-17 11:55:51 ISAKMP(44): invalid value 14 for attribute OAKLEY_GROUP_DESCRIPTION in Oakley Transform
2008-5-17 11:55:51 ISAKMP: delete dynamic conn "2 testvpn 1 d44"
2008-5-17 11:55:52 ISAKMP: received packet from 60.14.184.198
2008-5-17 11:55:52 ISAKMP(0): dealing with Delete Payload
2008-5-17 11:55:52 ISAKMP:        not found peer designating ISAKMP-SA, maybe be expired(?)
2008-5-17 11:55:52 ISAKMP: received informational message



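The connection setup is:
PC-------internet---------router----(lan)
When I connect from the PC, the router shows this message. What does it mean? I want to set up the L2TP / IPSEC kind. Experts, please help!!!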

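An added example, not part of the original thread: a small parser for the router's ISAKMP debug output quoted above that reports which phase 1 attribute the responder rejected and what the peer had offered. The log line shows the router rejecting value 14 for OAKLEY_GROUP_DESCRIPTION, the Diffie-Hellman group proposed by the client. The regular expressions assume the log layout shown in the post, and the group names are descriptive labels following RFC 2409 and RFC 3526.

```python
import re

# IKEv1 Diffie-Hellman (Oakley) group numbers from RFC 2409 / RFC 3526.
# The short names are labels chosen for this example.
OAKLEY_GROUPS = {1: "MODP-768", 2: "MODP-1024", 5: "MODP-1536",
                 14: "MODP-2048", 15: "MODP-3072", 16: "MODP-4096"}

# Log excerpt copied from the post above, with the wrapped line rejoined.
SAMPLE_LOG = """\
2008-5-17 11:55:51 ISAKMP: received packet from 60.14.184.198
2008-5-17 11:55:51 responding to Main Mode from Road Warrior 60.14.184.198
2008-5-17 11:55:51 ISAKMP(44): processing ISAKMP-SA payload.
2008-5-17 11:55:51 ISAKMP(44): Checking ISAKMP transform 1
2008-5-17 11:55:51       encrypt:  OAKLEY_3DES_CBC
2008-5-17 11:55:51       hash:     OAKLEY_SHA
2008-5-17 11:55:51 ISAKMP(44): invalid value 14 for attribute OAKLEY_GROUP_DESCRIPTION in Oakley Transform
2008-5-17 11:55:51 ISAKMP: delete dynamic conn "2 testvpn 1 d44"
"""

LINE = re.compile(r"^(\d{4}-\d{1,2}-\d{1,2} \d{1,2}:\d{2}:\d{2})\s+(.*)$")
PEER = re.compile(r"responding to (Main|Aggressive) Mode from .*?(\d+\.\d+\.\d+\.\d+)")
ATTR = re.compile(r"^(encrypt|hash):\s+(\S+)")
BAD = re.compile(r"ISAKMP\((\d+)\): invalid value (\d+) for attribute (\w+)")

def rejected_proposals(log_text):
    """Return one dict per phase 1 transform attribute the responder rejected."""
    findings, peer, offered = [], None, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # skip lines without the timestamp prefix
        ts, msg = m.groups()
        if (p := PEER.search(msg)):
            peer, offered = p.group(2), {}  # new negotiation: reset offered set
        elif (a := ATTR.match(msg)):
            offered[a.group(1)] = a.group(2)  # attribute the peer proposed
        elif (b := BAD.search(msg)):
            value, attr = int(b.group(2)), b.group(3)
            finding = {"time": ts, "peer": peer, "state": int(b.group(1)),
                       "attribute": attr, "value": value, "offered": dict(offered)}
            if attr == "OAKLEY_GROUP_DESCRIPTION":
                finding["meaning"] = OAKLEY_GROUPS.get(value, "unknown group")
            findings.append(finding)
    return findings

if __name__ == "__main__":
    for f in rejected_proposals(SAMPLE_LOG):
        print(f)
```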

This is the configuration:
sh run
Building configuration...

Current configuration:
!
service timestamps log date
service timestamps debug date
service password-encryption
logging buffered 4096
!
hostname gskd-bdcom
set-wan-count 4
!
!
!
!
!
ip local pool 1 X.X.X.X X
!
aaa authentication login default local
aaa authentication enable default enable
aaa authentication ppp default local
!
username XXXXX password 7 06364e3e4424
enable password 7 06040E07066A11 level 15
!
crypto isakmp key 12345678 0.0.0.0 0.0.0.0
!
crypto isakmp policy 10
encryption des
!
crypto ipsec transform-set vpn
!
crypto dynamic-map test
set transform-set vpn
!
crypto map testvpn 1 ipsec-isakmp dynamic test
!
!
interface Virtual-template1
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
ppp authentication pap
peer default ip address pool 1
!
interface FastEthernet0/0
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
!
interface FastEthernet0/1
description WANGTONG
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
no ip route-cache
ip access-group firewall in
ip nat outside
!
interface FastEthernet0/2
description JIAOQU
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
no ip route-cache
ip access-group firewall in
ip nat inside
!
interface FastEthernet0/3
description ZHISHU
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
no ip route-cache
ip access-group firewall in
ip nat inside
!
interface FastEthernet0/4
description JICHA
ip address X.X.X.X X.X.X.X
no ip directed-broadcast
no ip route-cache
ip access-group firewall in
ip nat inside
!
!
!
!
!
line vty 0
exec-timeout 300
!
line vty 1
exec-timeout 300
!
line vty 2
exec-timeout 300
!
line vty 3
exec-timeout 300
!
line vty 4
exec-timeout 300
!
!
ip route default X.X.X.X
!
chinese
!
!
ip access-list standard NAT_1
permit X.X.X.X X.X.X.X
permit X.X.X.X X.X.X.X
permit X.X.X.X X.X.X.X
!
ip access-list extended firewall
deny   tcp any any eq 135
deny   tcp any any eq 139
deny   tcp any any eq 389
deny   tcp any any eq 420
deny   tcp any any eq 445
deny   tcp any any eq 449
deny   tcp any any eq 593
deny   tcp any any eq 1025
deny   tcp any any eq 1092
deny   tcp any any eq 1434
deny   tcp any any eq 2745
deny   tcp any any eq 3127
deny   tcp any any eq 4444
deny   tcp any any eq 5354
deny   tcp any any eq 5554
deny   tcp any any eq 5555
deny   tcp any any eq 5800
deny   tcp any any eq 5900
deny   tcp any any eq 6129
deny   tcp any any eq 6667
deny   tcp any any eq 9604
deny   tcp any any eq 9995
deny   tcp any any eq 9996
deny   tcp any any eq 16881
deny   tcp any any eq 20168
deny   udp any any eq 135
deny   udp any any eq 389
deny   udp any any eq 445
deny   udp any any eq 449
deny   udp any any eq 1068
deny   udp any any eq 1092
deny   udp any any eq 1433
deny   udp any any eq 1434
deny   udp any any eq 5300
deny   udp any any eq 5554
deny   udp any any eq 5800
deny   udp any any eq 6667
deny   udp any any eq 7995
deny   udp any any eq 9800
deny   udp any any eq 16881
deny   udp any any eq 20168
permit ip any any
!
!
!
vpdn enable
!
vpdn-group 1
accept-dialin
port Virtual-template1
protocol l2tp
local-name default
!
!
time-zone dd 8 0
sntp server 128.250.36.2
sntp server 202.112.10.60
!
ip nat service **service
ip nat translation max-entries host any 200
ip nat inside source list NAT_1 interface FastEthernet0/1
