<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Please check your secrets file and ensure that you have <br>1) The correct syntax for the secrets file<br>2) The correct pre-shared keys on both the vpn peers<br> Thanks. <br><br><span style="font-family:Tahoma,Helvetica,Sans-Serif;font-style:italic;font-weight:bold">-<span style="font-family:Times New Roman,Times,Serif"> Simon Charles - </span></span><br><br><br><div><div id="SkyDrivePlaceholder"></div>> Date: Tue, 12 Jun 2012 12:49:43 -0600<br>> From: lgramajo@empagua.com<br>> To: users@lists.openswan.org<br>> Subject: [Openswan Users] STATE_MAIN_I3: sent MI3, expecting MR3, 002 #1: received 1 malformed payload notifies<br>> <br>> Hi everyone,<br>> <br>> Ive been cracking my head the for the las day trying to figure this out.<br>> <br>> When I start the ipsec service im getting:<br>> <br>> <br>> ipsec_setup: Starting Openswan IPsec U2.6.28/K2.6.32-5-xen-amd64...<br>> 000 initiating all conns with alias='telefonica'<br>> 002 "telefonica/2x0" #1: initiating Main Mode<br>> 104 "telefonica/2x0" #1: STATE_MAIN_I1: initiate<br>> 002 "telefonica/2x0" #1: transition from state STATE_MAIN_I1 to state <br>> STATE_MAIN_I2<br>> 106 "telefonica/2x0" #1: STATE_MAIN_I2: sent MI2, expecting MR2<br>> 002 "telefonica/2x0" #1: transition from state STATE_MAIN_I2 to state <br>> STATE_MAIN_I3<br>> 108 "telefonica/2x0" #1: STATE_MAIN_I3: sent MI3, expecting MR3<br>> 002 "telefonica/2x0" #1: received 1 malformed payload notifies<br>> 010 "telefonica/2x0" #1: STATE_MAIN_I3: retransmission; will wait 20s <br>> for response<br>> 010 "telefonica/2x0" #1: STATE_MAIN_I3: retransmission; will wait 40s <br>> for response<br>> 031 "telefonica/2x0" #1: max number of retransmissions (2) reached <br>> STATE_MAIN_I3. Possible authentication failure: no acceptable response <br>> to our first encrypted message<br>> <br>> <br>> My config is as follows:<br>> <br>> <br>> # basic configuration<br>> config setup<br>> interfaces="%defaultroute"<br>> klipsdebug=none<br>> plutodebug=none<br>> #plutoload=%search<br>> #plutostart=%search<br>> plutostderrlog="/var/log/pluto.log"<br>> protostack=netkey<br>> # nhelpers=0<br>> oe=no<br>> <br>> # defaults that apply to all connection descriptions<br>> conn %default<br>> # How persistent to be in (re)keying negotiations (0 means very).<br>> keyingtries=0<br>> # How to authenticate gatways<br>> authby=secret<br>> type=tunnel<br>> <br>> conn telefonica<br>> left=MY_PUBLIC_IP<br>> leftsubnets={10.13.1.35/32 10.13.1.39/32}<br>> leftid=@ME.example.com<br>> # leftxauthclient=yes<br>> right=THEIR_PUBLIC_IP<br>> rightsubnet=192.168.144.3/32<br>> # rightxauthserver=yes<br>> rightid=@telefonica.example.com<br>> keyingtries=1<br>> pfs=no<br>> aggrmode=no<br>> auto=add<br>> auth=esp<br>> esp=3DES-SHA1<br>> keyexchange=ike<br>> ike=3DES-SHA1-modp1024<br>> ikelifetime=24h<br>> # keyingtries=3<br>> keylife=1h<br>> authby=secret<br>> <br>> <br>> Can please someone point me in the right direction, thanks.<br>> <br>> -- <br>> Luis Fernando Gramajo P.<br>> Redes y Telecomunicaciones<br>> Sistemas de Información EMPAGUA<br>> <br>> _______________________________________________<br>> Users@lists.openswan.org<br>> https://lists.openswan.org/mailman/listinfo/users<br>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy<br>> Building and Integrating Virtual Private Networks with Openswan:<br>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155<br></div> </div></body>
</html>