>>703671
Nah, a transform (or transform set) is a group of attributes that are exchanged together which eliminates the need to coordinate and negotiate individual parameters. So for example this particular ISAKMP service wouldn't respond with anything until I hit upon "7/256,2,1,2" and "7/256,2,1,5", which is basically shorthand for AES-256, SHA1 HMAC, pre-shared key, Diffie-Hellman group 2" or "DH group 5" in the second case.
From there you can attempt to brute force the group name.
If you have a valid transform and a valid group name and 'aggressive mode' is allowed, you can basically then get it to spit out a hash of the pre-shared key which you can then crack.
If you crack that you can then bring up a VPN tunnel.