[Openswan Users] Connecting to Checkpoint VPN-1

Eugene Kotlyarov e.kotlyarov at gmail.com
Sat Apr 4 05:27:40 EDT 2009


Hi

Kerese Péter wrote:

> Use ipsec auto --add and ipsec auto --up to establish the connection and
> watch the logs. If you cannot figure out what can be wrong then you can
> increase the debug level with ipsec whack to the specified tunnel only or
> just simply look for the word 'known' since checkpoint likes to offer
> different netmasks and openswan selects the connection based on the
> proposal.
> 

Thanks for recommendations!
But I have the following problem. Do you know why this could be?
Does this mean that ike parameter is right and esp parameter is wrong?
Is there a way to find out what parameters to use from configuration of 
Securemote client on windows if I have working connection there?

Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: 
initiating Main Mode
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: 
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: 
enabling possible NAT-traversal with method draft-ietf-ipsec-nat-t-ike-02/03
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: 
transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: 
STATE_MAIN_I2: sent MI2, expecting MR2
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: more 
than 20 payloads in message; ignored
Apr  4 13:16:25 ekot-desktop pluto[12543]: | payload malformed after IV
Apr  4 13:16:25 ekot-desktop pluto[12543]: |
Apr  4 13:16:25 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: sending 
notification PAYLOAD_MALFORMED to xxx.xxx.xxx.xxx:500
Apr  4 13:16:27 ekot-desktop pluto[12543]: "checkpoint-openswan" #1: more 
than 20 payloads in message; ignored
Apr  4 13:16:27 ekot-desktop pluto[12543]: | payload malformed after IV


More information about the Users mailing list