[Openswan Users] WinXp+Openswan on certificates

Urmo urmo at mindworks.ee
Thu Feb 3 17:10:58 CET 2005


Ok, now I added certificates to openswan and XpSp2 box. Connecting generates
this:


eb  3 17:00:17 wall pluto[12931]: | complete state transition with STF_OK
Feb  3 17:00:17 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: transition from state STATE_MAI
N_R1 to state STATE_MAIN_R2
Feb  3 17:00:17 wall pluto[12931]: | sending reply packet
Feb  3 17:00:17 wall pluto[12931]: | sending 356 bytes for STATE_MAIN_R1
through eth0 to 194.106.125.146:6351
0:

and then 

Feb  3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: next payload type of ISAKMP Has
h Payload has an unknown value: 242
Feb  3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: malformed payload in packet
Feb  3 17:00:18 wall pluto[12931]: "roadwarrior"[1] 194.106.125.146:63510
#1: sending notification PAYLOAD_MA
LFORMED to 194.106.125.146:63510

What could be wrong? Last message is repeated with similar message, only
with Payload value 148 and then openswan hangs up.

My ipsec.conf:

config setup
        interfaces="ipsec0=eth0"
        nat_traversal=yes
        virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
        klipsdebug=all
        plutodebug=all
        dumpdir=/tmp

conn %default
        compress=yes
        disablearrivalcheck=no
        leftrsasigkey=%cert
        rightrsasigkey=%cert
        keyingtries = 1

conn roadwarrior
        left = 194.106.125.147
        leftsubnet = 192.168.0.0/24
        leftcert=urmo_cert.pem
        pfs = yes
        right=%any
        auto=add




More information about the Users mailing list