[Openswan Users] Problems with openswan tunnel on Fedora
mclaridge at rwa-net.co.uk
Tue Aug 24 17:51:29 CEST 2004
I have an openswan tunnel working to a Cisco VPN3000, from a RHEL box,
with ipsec-tools-0.2.5-0-5 and openswan-2.1.2 (built from source).
I have transferred this working configuration onto a new box running
Fedora Core 2 and just changed the 'left' ip addresses. This box has
been running both ipsec-tools-0.2.5-1 and openswan-2.1.2(rpm) as well as
ipsec-tools-0.2.5-0-5 and openswan 2.1.2 (from source). When I bring
this tunnel up on this box I get two errors:
"ignoring informational payload, type PAYLOAD_MALFORMED"
"encrypted Informational Exchange message is invalid because it is for
incomplete ISAKMP SA"
The ipsec.conf on both boxes looks like:
# Debug-logging controls: "none" for (almost) none, "all" for lots.
Can anyone enlighten me as to why this isn't working - the obvious
thought is that FC2 uses a 2.6 kernel and that this in some way is
incompatible with what I'm trying to do. I'd like to get this working
though, rather than having to set up another box with RHEL.......any
help would be most appreciated.
More information about the Users