[Openswan Users] OT IPSec -- L2TPD/Xauth

Erich Titl erich.titl at think.ch
Tue Oct 16 06:14:56 EDT 2012 

Hi Folks

this is the actual situation of an attempt to connect to my gateway from
an Android device using the on board ipsec-l2tp method.

....
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
NAT-Traversal: Result using RFC 3947 (NAT-Traversal): peer is NATed
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
STATE_MAIN_R2: sent MR2, expecting MI3
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
Main mode peer ID is ID_DER_ASN1_DN: 'C=CH, L=Schlieren, O=Ruf Group,
CN=Erich Titl, E=erich.titl at ruf.ch'
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1: I
am sending my cert
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
new NAT mapping for #1, was 195.141.2.242:500, now 195.141.2.242:4500
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
cipher=aes_256 prf=oakley_sha group=modp1024}
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Oct 16 10:04:20 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
received and ignored informational message
Oct 16 10:04:21 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
byte 7 of ISAKMP NAT-OA Payload must be zero, but is not
Oct 16 10:04:21 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
malformed payload in packet
Oct 16 10:04:21 sentinel pluto[21312]: | payload malformed after IV
Oct 16 10:04:21 sentinel pluto[21312]: |   60 c0 2b c9  71 9d 72 86  00
f9 8c 38  c2 7c 63 ba
Oct 16 10:04:21 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
sending notification PAYLOAD_MALFORMED to 195.141.2.242:4500
Oct 16 10:04:24 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
byte 7 of ISAKMP NAT-OA Payload must be zero, but is not
Oct 16 10:04:24 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
malformed payload in packet
Oct 16 10:04:24 sentinel pluto[21312]: | payload malformed after IV
Oct 16 10:04:24 sentinel pluto[21312]: |   60 c0 2b c9  71 9d 72 86  00
f9 8c 38  c2 7c 63 ba
Oct 16 10:04:24 sentinel pluto[21312]: "mega-rw"[1] 195.141.2.242 #1:
sending notification PAYLOAD_MALFORMED to 195.141.2.242:4500

Maybe the malformed PAYLOAD results from a missing patch.

Thanks

Erich

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1877 bytes
Desc: S/MIME Kryptografische Unterschrift
URL: <http://lists.openswan.org/pipermail/users/attachments/20121016/45fd4dc0/attachment-0001.p7s>

More information about the Users mailing list