I have a PIX to PIX VPN (both running v6.3) that sets up a connection when pinged from either side of the VPN, but fails to work, always showing recieve errors with "sh crypto ipsec sa".
The output of "debug crypto ipsec" and "debug crypto isakmp" running on the destination PIX produces the following
IPSEC(cipher_ipsec_request): decap failed for pix-scotland -> pix-outside
IPSEC(sw_ah_decap): authentication signature does not match
Any ideas where to start hunting?