[Openswan Users] Tunnel fails after OpenSSL patch
Ed Ng
draco12345 at gmail.com
Wed Apr 9 13:51:25 EDT 2014
Anyone experienced any problem after the recent OpenSSL patch (Heartbleed
bug)? We have a tunnel that's been running fine for a while until we did a
system update yesterday. The server runs Amazon Linux AMI release 2014.03
with OpenSSL 1:1.0.1e-37.66.amzn1 and OpenSwan 2.6.37-3.17.amzn1.
I found some logs that looks abnormal after the patch.
Apr 10 01:21:55 pluto[1230]: "mytunnel" #43: responding to Main Mode
Apr 10 01:21:55 pluto[1230]: "mytunnel" #43: transition from state
STATE_MAIN_R0 to state STATE_MAIN_R1
Apr 10 01:21:55 pluto[1230]: "mytunnel" #43: STATE_MAIN_R1: sent MR1,
expecting MI2
Apr 10 01:21:55 pluto[1230]: "mytunnel" #43: next payload type of ISAKMP
Nonce Payload has an unknown value: 130
Apr 10 01:21:55 pluto[1230]: "mytunnel" #43: malformed payload in packet
It now says "next payload type of ISAKMP Nonce Payload has an unknown
value: 130". Anybody has any clue on how to fix this issue? The tunnel is
currently down and we want to bring it back up asap.
Thanks!
-Ed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140409/6b8a7d12/attachment.html>
More information about the Users
mailing list