No.
I spent two whole days last week trying to accomplish the exact same thing and failed. I found this to be a poorly documented topic, and after two days I just gave up.
I did get it to sort of work, but with various configurations on the Windows side, I could only get one side or the other to be able to create the tunnel, but never both. Once the tunnel was created, both sides could communicate with each other through the tunnel, but only if, for example, the Cisco router initiated the tunnel.
You can find my Cisco config from this post and maybe some other information that might help from this serverfault post I made. Even though I said XP, I tried with 2003 as well. Here is an article on how to get some error logs for the Windows side. For the Cisco side, you can enable various crypto debugging with debug crypto ? where the question mark will show you the options.
From the Windows side, if you see a failure with Main Mode, that would be the initial IKE negotiation in the General -- Advanced portion of your policy. For Quick Mode, that would be the Negotiate security part of your filter action. For the Cisco side, Quick Mode is the transform set, and Main Mode is the crypto isakmp policy.
In that Cisco document you linked to, if you look at the filters, it shows their filters as being mirrored. According to Microsoft, mirrored filters and protocol-specific filters are not supported with tunnel mode.
I also wrote the following for myself to help me get the Windows settings:
There are 'IP Security Policies'. Each policy has IKE settings (Phase 1, or Main Mode). Each policy also can have rules applied to it. A rule can have a single filter, a single filter action, an optional tunnel endpoint, and an authentication method. A filter chooses what traffic will be matched and have the rule applied to it. A filter can be described in terms of Source address, Destination Address, and/or protocols and ports.
The filters are where my test broke down, I think. For the Microsoft to Cisco, if I used the Windows IP and the Cisco IP as the destination, it would not work; I had to put ANY IP for the destination and set the protocol for the filter to ICMP for my test (even though those are not supposed to work).
So on the whole, I found it to be a spotty technology, poorly documented, and if you can't tell, frustrating. I have set up site-site VPN with Cisco to Cisco before without any problems. If you get it to work reliably, please post what you did. Sorry if this post is a bit rambling; hopefully something in here might help you.