[Openswan Users] 2.4.0 trouble

[Paul Wouters]

On Tue, 4 Oct 2005, Ethy H. Brito wrote:

> I have OpenSwan on two Slackware 10.1 with kernel 2.6.13. They are at same LAN
> and I can't start the tunnel. I have these error messages repeated again and
> again:
>
> Please, would someone give me some directions?
>
> Thanx
>
> Oct  4 12:42:11 cressem pluto[7545]: "cressem" #19: malformed payload in packet
> Oct  4 12:42:11 cressem pluto[7545]: "cressem" #19: sending notification PAYLOAD_MALFORMED to X.Y.Z.T:500
> Oct  4 12:42:38 cressem pluto[7545]: "cressem" #18: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
> Oct  4 12:42:38 cressem pluto[7545]: "cressem" #18: starting keying attempt 8 of an unlimited number
> Oct  4 12:42:38 cressem pluto[7545]: "cressem" #20: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+PFS+UP to replace #18 {using isakmp#10}
> Oct  4 12:42:48 cressem pluto[7545]: "cressem" #10: Informational Exchange message must be encrypted
> Oct  4 12:42:51 cressem pluto[7545]: "cressem" #21: responding to Quick Mode {msgid:c21aaf37}
> Oct  4 12:42:51 cressem pluto[7545]: "cressem" #21: ERROR: netlink response for Add SA esp.c5b2cd2c at X.Y.W.E included errno 93: Protocol not supported
> Oct  4 12:43:01 cressem pluto[7545]: "cressem" #21: next payload type of ISAKMP Hash Payload has an unknown value: 143
> Oct  4 12:43:01 cressem pluto[7545]: "cressem" #21: malformed payload in packet
> Oct  4 12:43:01 cressem pluto[7545]: "cressem" #21: sending notification PAYLOAD_MALFORMED to X.Y.W.T:500

This could be a wrong PSK, or a bug. Are you using openswan 2.4.x?

Paul