[Openswan Users] PAYLOAD_MALFORMED to lsipsectool
Mihajlo Cvetanović
mac at netset.co.yu
Wed Jun 21 16:16:16 CEST 2006
Mihajlo Cvetanović wrote:
> I'm trying to establish a road warrior connection from win2000 to FC5,
> with certificates and lsipsectool. Openswan keeps complaining about
> some malformed payloads. What is wrong here? I've put root certificate
> and certificate with CN=mac22 into Windows repository via
> lsipsectools, but they both appear in "Root Certificates" list.
> Desired network configuration is:
>
> 80.80.80.0/24...[80.80.80.53/24(eth0),10.0.0.3/8(eth1)]===10.0.0.22/8(win2000)
>
> ...
OK, it seems that the first problem was the certificate that ended up in
Root Certificates list. I don't know how it got up there, but after
deleting it, and installing new p12 file the whole thing turned to
second problem, which went away after I added leftsubnet line in ipsec.conf.
It looks like it's working, for now...
The diagnostics would have been better if Openswan understood the
non-encrypted payload in packet as "non-encrypted" instead of "malformed".
More information about the Users
mailing list