[Openswan Users] IPSEC(epa_des_crypt): decrypted packet failed SA identity

Markus Locher ml at as-support.com
Mon Jan 12 07:34:22 EST 2009

Thanx Paul.

Could it be that there  is still a configuration error on the client?
What can be the reason the CISCO couldn't get the right SA?
I see that there are no more error messages, because the client does
nothing wrong as far as I can see.

Any packet that is transported with ipsec to the CISCO fails with that
SA identity check. From traceroute, ping or some else.

lg markus

More information about the Users mailing list