[Openswan Users] shorewall and openswan

Tuomo Soini tis at foobar.fi
Mon Feb 4 01:49:48 EST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew Tolboe wrote:

> Feb  2 13:15:52 firewall pluto[22696]: "l2tp-X.509"[1] 155.97.239.238 
> #1: next payload type of ISAKMP Hash Payload has an unknown value: 155
> Feb  2 13:15:52 firewall pluto[22696]: "l2tp-X.509"[1] 155.97.239.238 
> #1: malformed payload in packet
> Feb  2 13:15:52 firewall pluto[22696]: "l2tp-X.509"[1] 155.97.239.238 
> #1: sending notification PAYLOAD_MALFORMED to 155.97.239.238:500
> Feb  2 13:15:52 firewall pluto[22696]: "l2tp-X.509"[1] 155.97.239.238 
> #1: byte 2 of ISAKMP Hash Payload must be zero, but is not
> Feb  2 13:15:52 firewall pluto[22696]: "l2tp-X.509"[1] 155.97.239.238 
> #1: malformed payload in packet

This error means you have connection configured for x509 certificates
but windows couldn't find certificate, that's propably because
certificate is in wrong place in windows cert storage or clock is wrong
on windows machine so certificate is not valid yet or not valid any more.

Use certimport utility to import certificate:

http://www.openswan.org/download/windows/certimport/

- --
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFHprWMTlrZKzwul1ERAteeAJ9cRSb/CMccUxXExUjTyYN/p78PiwCfX936
zNkj7eqoiS7Utlpo1PIsEYc=
=XZ6b
-----END PGP SIGNATURE-----


More information about the Users mailing list