<div dir="ltr"><div>Hi,</div>
<div>&nbsp;</div>
<div>I have setup my Vigor 2600 for VPN tunnel to openswan but I am receiving malformed payload messages. The ISAKMP AS is established ok but when starting IPSec SA it gets the malformed packets. What could be the possible cause of this. </div>

<div>&nbsp;</div>
<div>Conf...</div>
<div>&nbsp;</div>
<div><br>conn kscdubai<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; authby=secret<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; left=<a href="http://196.202.140.66">196.202.140.66</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; leftsubnet=<a href="http://10.1.0.0/17">10.1.0.0/17</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; leftnexthop=<a href="http://196.202.140.65">196.202.140.65</a><br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; leftsourceip=<a href="http://10.1.0.1">10.1.0.1</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; right=%any<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rightsubnet=<a href="http://10.0.97.0/24">10.0.97.0/24</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyingtries=0<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyexchange=ike<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; esp=aes128-sha1,aes128-md5,3des-sha1,3des-md5<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ike=aes256-sha1,aes128-sha1,aes128-md5,3des-sha1,3des-md5<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; compress=no<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; pfs=yes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto=add<br></div>
<div>&nbsp;</div>
<div>Sep&nbsp; 2 15:36:46 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #43: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}<br>
Sep&nbsp; 2 15:36:47 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: responding to Quick Mode {msgid:4e9d3b76}<br>Sep&nbsp; 2 15:36:47 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: ERROR: netlink XFRM_MSG_NEWPOLICY response for flow <a href="mailto:tun.10000@196.202.140.66">tun.10000@196.202.140.66</a> included errno 17: File exists<br>
Sep&nbsp; 2 15:36:47 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1<br>Sep&nbsp; 2 15:36:47 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2<br>
Sep&nbsp; 2 15:36:50 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: next payload type of ISAKMP Hash Payload has an unknown value: 206<br>Sep&nbsp; 2 15:36:50 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: malformed payload in packet<br>
Sep&nbsp; 2 15:36:50 ksckhf0101 pluto[15566]: &quot;kscdubai&quot;[1] <a href="http://86.98.26.69">86.98.26.69</a> #44: sending notification PAYLOAD_MALFORMED to <a href="http://86.98.26.69:500">86.98.26.69:500</a><br></div>
<div>&nbsp;</div>
<div>Any pointers would be great.</div>
<div><br>AW</div></div>