Does anyone else noticed problems after updating openswan to openswan-2.6.32-27.2.el6_5.i686 ? In our case a connection to Cisco VPN 3000 Series would no longer work. I can see in the log an ASSERTION FAILED error and the connection would remain in Pending phase 2. Mar 7 16:24:40 firewall pluto[7647]: "ciscovpntest" #2: discarding duplicate packet; already STATE_MAIN_I1 Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106 Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: ignoring Vendor ID payload [FRAGMENTATION c0000000] Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-05 Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: ASSERTION FAILED at /builddir/build/BUILD/openswan-2.6.32/programs/pluto/ikev1_main.c:1112: st->st_sec_in_use==FALSE Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: using kernel interface: netkey .... Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: #2: "ciscovpntest":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_RETRANSMIT in 39s; nodpd; idle; import:admin initiate Mar 7 16:24:53 firewall pluto[7647]: "ciscovpntest" #2: #2: pending Phase 2 for "ciscovpntest" replacing #0 Downgrading openswan to openswan-2.6.32-27.el6.i686 solves the problem. The problem is restricted to this VPN connection, other 2 VPNs continue to work fine with the new version. Radu