In the hopes that it helps somebody in the future, I found that the fix to this problem in ROS6 was to disable 'SHA1' and enable 'SHA256' for the default IPSEC profile.
The default profile can be found from the top level menu, by navigating to: IP -> IPSec -> Proposal (tab) -> default