[Openswan Users] next payload type of ISAKMP Message has an unknown value: 133
Marco Berizzi
pupilla at hotmail.com
Wed Jul 11 09:40:05 EDT 2007
Hello everybody.
I'm trying to establish an ipsec tunnel
between vista (as road warrior) and
openswan 2.4.8 (no nat involved)
The tunnel is successfully established,
but openswan is logging the above message,
and vista drop all ESP packets from
openswan. However the openswan box receive
and decrypt the ESP packets from vista.
Hints?
Here is the full log:
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:17 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:17 Pleiadi pluto[1111]: |
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring unknown Vendor ID payload [214ca4faffa7f32d6748e5303395ae83]
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000005]
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
received Vendor ID payload [RFC 3947] method set to=110
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106,
but already using method 110
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring Vendor ID payload [FRAGMENTATION]
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring Vendor ID payload [MS-Negotiation Discovery Capable]
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring Vendor ID payload [Vid-Initial-Contact]
Jul 10 16:03:17 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
ignoring Vendor ID payload [IKE CGA version 1]
Jul 10 16:03:17 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
responding to Main Mode from unknown peer 151.25.20.9
Jul 10 16:03:17 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul 10 16:03:17 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
STATE_MAIN_R1: sent MR1, expecting MI2
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
NAT-Traversal: Result using RFC 3947 (NAT-Traversal): no NAT detected
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
STATE_MAIN_R2: sent MR2, expecting MI3
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276: Main
mode peer ID is ID_DER_ASN1_DN: 'C=IT, ST=Venezia, L=ma, O=company bla,
OU=I & O, CN=user name, E=uname at co'
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276: crl
update for "C=IT, ST=Venezia, L=ma, O=company bla, OU=I & O, CN=company,
E=postmaster at co" is overdue since Mar 10 14:17:05 UTC 2005
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[20] 151.25.20.9 #276:
switched from "rw-old" to "rw-old"
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276:
deleting connection "rw-old" instance with peer 151.25.20.9
{isakmp=#0/ipsec=#0}
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276: I am
sending my cert
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276:
deleting connection "rw" instance with peer 151.25.29.150
{isakmp=#0/ipsec=#274}
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw" #274: deleting state
(STATE_QUICK_R2)
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276:
deleting connection "rw-old" instance with peer 151.25.29.150
{isakmp=#273/ipsec=#0}
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old" #273: deleting state
(STATE_MAIN_R3)
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jul 10 16:03:18 Pleiadi pluto[1111]: "rw-old"[21] 151.25.20.9 #276:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_128 prf=oakley_sha group=modp1024}
Jul 10 16:03:19 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:19 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:19 Pleiadi pluto[1111]: |
Jul 10 16:03:19 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
Jul 10 16:03:19 Pleiadi pluto[1111]: "rw"[8] 151.25.20.9 #277:
responding to Quick Mode {msgid:01000000}
Jul 10 16:03:19 Pleiadi pluto[1111]: "rw"[8] 151.25.20.9 #277:
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jul 10 16:03:19 Pleiadi pluto[1111]: "rw"[8] 151.25.20.9 #277:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Jul 10 16:03:19 Pleiadi pluto[1111]: "rw"[8] 151.25.20.9 #277:
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jul 10 16:03:19 Pleiadi pluto[1111]: "rw"[8] 151.25.20.9 #277:
STATE_QUICK_R2: IPsec SA established {ESP=>0x132b8212 <0x496a4f0c
xfrm=AES_128-HMAC_SHA1 NATD=none DPD=none}
Jul 10 16:03:23 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:23 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:23 Pleiadi pluto[1111]: |
Jul 10 16:03:23 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
Jul 10 16:03:24 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:24 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:24 Pleiadi pluto[1111]: |
Jul 10 16:03:24 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
Jul 10 16:03:32 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:32 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:32 Pleiadi pluto[1111]: |
Jul 10 16:03:32 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
Jul 10 16:03:48 Pleiadi pluto[1111]: packet from 151.25.20.9:500: next
payload type of ISAKMP Message has an unknown value: 133
Jul 10 16:03:48 Pleiadi pluto[1111]: | payload malformed after IV
Jul 10 16:03:48 Pleiadi pluto[1111]: |
Jul 10 16:03:48 Pleiadi pluto[1111]: packet from 151.25.20.9:500:
sending notification PAYLOAD_MALFORMED to 151.25.20.9:500
More information about the Users
mailing list