commands arent relevant only on route based VPN, but you cant see any security association as its formed in phase 2, and you said your tunnel is failing on P2...
now, as you said, if your phase 1 is OK, that means you have correct peers, DH and PSK. it setting up a tunnel between your peers, and have channel secured for phase 2.
if your phase 2 is failing, then you either dont have proper auth algorithms, or your private networks arent set up correctly. those are usually the reasons why P2 is failing.
check auth and encryption algorithms on both sides, make sure they are same. check private networks on both sides, be sure you are not source NAT them on both sides...
can we see tunnel configuration on both sides?