<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Hi<br>
<br>
I am almost totally new to this, but I received these mesages when a
Vigor router was trying initiate the connection using AES with
Authentication. Forcing it to initiate with 3DES/MD5 or 3DES/SHA1 got
round the problem, but in my case I did it at the router end, not the
Openswan end.<br>
<br>
Nick<br>
<br>
Eugene Kotlyarov wrote:
<blockquote cite="mid:49D7280C.8010609@gmail.com" type="cite">
<pre wrap="">Hi
Kerese Péter wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Use ipsec auto --add and ipsec auto --up to establish the connection and
watch the logs. If you cannot figure out what can be wrong then you can
increase the debug level with ipsec whack to the specified tunnel only or
just simply look for the word 'known' since checkpoint likes to offer
different netmasks and openswan selects the connection based on the
proposal.
</pre>
</blockquote>
<pre wrap=""><!---->
Thanks for recommendations!
But I have the following problem. Do you know why this could be?
Does this mean that ike parameter is right and esp parameter is wrong?
Is there a way to find out what parameters to use from configuration of
Securemote client on windows if I have working connection there?
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1:
initiating Main Mode
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1:
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1:
enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1:
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1:
STATE_MAIN_I2: sent MI2, expecting MR2
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: more
than 20 payloads in message; ignored
Apr 4 13:16:25 ekot-desktop pluto[12543]: | payload malformed after IV
Apr 4 13:16:25 ekot-desktop pluto[12543]: |
Apr 4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: sending
notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Apr 4 13:16:27 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: more
than 20 payloads in message; ignored
Apr 4 13:16:27 ekot-desktop pluto[12543]: | payload malformed after IV
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
</body>
</html>