[Openswan Users] PAYLOAD_MALFORMED to lsipsectool

Mihajlo Cvetanović mac at netset.co.yu
Wed Jun 21 16:16:16 CEST 2006


Mihajlo Cvetanović wrote:

> I'm trying to establish a road warrior connection from win2000 to FC5, 
> with certificates and lsipsectool. Openswan keeps complaining about 
> some malformed payloads. What is wrong here? I've put root certificate 
> and certificate with CN=mac22 into Windows repository via 
> lsipsectools, but they both appear in "Root Certificates" list. 
> Desired network configuration is:
>
> 80.80.80.0/24...[80.80.80.53/24(eth0),10.0.0.3/8(eth1)]===10.0.0.22/8(win2000) 
>
> ...

OK, it seems that the first problem was the certificate that ended up in 
Root Certificates list. I don't know how it got up there, but after 
deleting it, and installing new p12 file the whole thing turned to 
second problem, which went away after I added leftsubnet line in ipsec.conf.

It looks like it's working, for now...

The diagnostics would have been better if Openswan understood the 
non-encrypted payload in packet as "non-encrypted" instead of "malformed".


More information about the Users mailing list