[Openswan Users] Malformed Payload with kernel 2.6.16-1

Rob Clive rob at r2g2.co.uk
Thu Apr 6 17:19:40 CEST 2006

I have Fedora Core 4 which has just upgraded to kernel 2.6.16-1.2069 (was 
2.6.15-1.1833).  IPSEC using RSA secrets & x509 certs between openswan 
2.4.4 and winXP clients worked perfectly through NATs before but hasn't 
since.  The IKE negotiation always fails at MR2 with an invalid payload 
error.  I understand this means unmatched keys.

As far as I can see the only thing changed is the kernel and it's modules. 
Nothing else was upgraded which could affect IPSEC and none of the config 
or secrets files at either end have been changed.

Has anyone a ready explanation?  Or perhaps can point me gently at the 
thing I've forgotten?

Thanks in advance for your help,

Rob Clive
< If yu cn rd ths, yu cn b a cmptr prgrmr! >

More information about the Users mailing list