[Openswan Users] Re: Malformed Payload
Rob Hasselbaum
rhasselbaum at alumni.ithaca.edu
Wed May 3 10:44:25 CEST 2006
Thanks very much for responding. I'm using pre-shared keys with XAuth,
though. So as I understand it, there aren't any certificates involved. I
don't know why Openswan is looking for one.
-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Rob Clive
Sent: Wednesday, May 03, 2006 4:31 AM
To: users at openswan.org
Subject: [Openswan Users] Re: Malformed Payload
> I hate to repost, but I'm really blocked. Has anyone seen an error like
> this?
>
> Could anyone give me a hint as to what causes this error?
003 "netscreen" #1: discarding duplicate packet; already STATE_XAUTH_I1
>
> 228 "netscreen" #1: STATE_XAUTH_I1: CERTIFICATE_UNAVAILABLE
>
> 003 "netscreen" #1: next payload type of ISAKMP Hash Payload has an
unknown
> value: 114
>
> 003 "netscreen" #1: malformed payload in packet
>
> 003 "netscreen" #1: next payload type of ISAKMP Hash Payload has an
unknown
> value: 114
>
> 003 "netscreen" #1: malformed payload in packet
>
As I have found out by bitter experience it means you have a bad/no
certificate so basically the packets are being encrypted with the wrong
key. (It's unfortunate the error message cannot be more specific.) Try
reloading your certificate and make sure you have it and the CA stuff in
the right places. The log suggests pluto can't find them.
Rob Clive
< Plan to be spontaneous tomorrow >
_______________________________________________
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list