Hi, I'm tryaing to connect Android phone whit ipsec/xl2tp but always have this problems in the log:<div><br></div><div><div>Jun 27 17:16:49 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div>
<div>Jun 27 17:16:52 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:16:52 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: byte 7 of ISAKMP NAT-OA Payload must be zero, but is not</div>
<div>Jun 27 17:16:52 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: malformed payload in packet</div><div>Jun 27 17:16:52 mail pluto[28459]: | payload malformed after IV</div><div>Jun 27 17:16:52 mail pluto[28459]: | 19 63 c9 4c a7 85 4d cd 09 17 18 65 f4 c5 24 60</div>
<div>Jun 27 17:16:52 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div><div>Jun 27 17:16:55 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div>
<div>Jun 27 17:16:55 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: byte 7 of ISAKMP NAT-OA Payload must be zero, but is not</div><div>Jun 27 17:16:55 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: malformed payload in packet</div>
<div>Jun 27 17:16:55 mail pluto[28459]: | payload malformed after IV</div><div>Jun 27 17:16:55 mail pluto[28459]: | 19 63 c9 4c a7 85 4d cd 09 17 18 65 f4 c5 24 60</div><div>Jun 27 17:16:55 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div>
<div>Jun 27 17:16:57 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:16:57 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:16:57 mail pluto[28459]: | event added at head of queue</div>
<div>Jun 27 17:16:58 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:16:58 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: byte 7 of ISAKMP NAT-OA Payload must be zero, but is not</div>
<div>Jun 27 17:16:58 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: malformed payload in packet</div><div>Jun 27 17:16:58 mail pluto[28459]: | payload malformed after IV</div><div>Jun 27 17:16:58 mail pluto[28459]: | 19 63 c9 4c a7 85 4d cd 09 17 18 65 f4 c5 24 60</div>
<div>Jun 27 17:16:58 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div><div>Jun 27 17:17:01 mail CRON[12126]: pam_unix(cron:session): session opened for user root by (uid=0)</div>
<div>Jun 27 17:17:01 mail CRON[12126]: pam_unix(cron:session): session closed for user root</div><div>Jun 27 17:17:01 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:17:01 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: byte 7 of ISAKMP NAT-OA Payload must be zero, but is not</div>
<div>Jun 27 17:17:01 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: malformed payload in packet</div><div>Jun 27 17:17:01 mail pluto[28459]: | payload malformed after IV</div><div>Jun 27 17:17:01 mail pluto[28459]: | 19 63 c9 4c a7 85 4d cd 09 17 18 65 f4 c5 24 60</div>
<div>Jun 27 17:17:01 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div><div>Jun 27 17:17:04 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div>
<div>Jun 27 17:17:04 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: byte 7 of ISAKMP NAT-OA Payload must be zero, but is not</div><div>Jun 27 17:17:04 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: malformed payload in packet</div>
<div>Jun 27 17:17:04 mail pluto[28459]: | payload malformed after IV</div><div>Jun 27 17:17:04 mail pluto[28459]: | 19 63 c9 4c a7 85 4d cd 09 17 18 65 f4 c5 24 60</div><div>Jun 27 17:17:04 mail pluto[28459]: "L2TP-PSK-NAT"[25] 190.181.129.34 #20: sending notification PAYLOAD_MALFORMED to <a href="http://190.181.129.34:4500">190.181.129.34:4500</a></div>
<div>Jun 27 17:17:09 mail pluto[28459]: initiate on demand from <a href="http://190.181.129.37:1701">190.181.129.37:1701</a> to <a href="http://190.181.129.34:40078">190.181.129.34:40078</a> proto=17 state: fos_start because: acquire</div>
<div>Jun 27 17:17:17 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:17:17 mail pluto[28459]: | processing connection L2TP-PSK-NAT[25] 190.181.129.34</div><div>Jun 27 17:17:17 mail pluto[28459]: | event added after event EVENT_PENDING_DDNS</div>
<div>Jun 27 17:17:17 mail pluto[28459]: | rejected packet:</div><div>Jun 27 17:17:17 mail pluto[28459]: | ff</div><div>Jun 27 17:17:17 mail pluto[28459]: | control:</div><div>Jun 27 17:17:17 mail pluto[28459]: | 18 00 00 00 00 00 00 00 08 00 00 00 03 00 00 00</div>
<div>Jun 27 17:17:17 mail pluto[28459]: | be b5 81 25 be b5 81 25 2c 00 00 00 00 00 00 00</div><div>Jun 27 17:17:17 mail pluto[28459]: | 0b 00 00 00 6f 00 00 00 02 03 03 00 00 00 00 00</div><div>Jun 27 17:17:17 mail pluto[28459]: | 00 00 00 00 02 00 00 00 be b5 81 22 00 00 00 00</div>
<div>Jun 27 17:17:17 mail pluto[28459]: | 00 00 00 00</div><div>Jun 27 17:17:17 mail pluto[28459]: | name:</div><div>Jun 27 17:17:17 mail pluto[28459]: | 02 00 11 94 be b5 81 22 00 00 00 00 00 00 00 00</div><div>Jun 27 17:17:22 mail pluto[28459]: | event added after event EVENT_NAT_T_KEEPALIVE</div>
<div><br></div><div>My ipsec.conf is this:</div><div><br></div><div><div>config setup</div><div> nat_traversal=yes</div><div> #virtual_private=%v4:<a href="http://10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24">10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24</a></div>
<div> #virtual_private=%4:<a href="http://10.0.0.0/8,%v4:172.16.0.0/12,%v4:!192.168.0.0/24">10.0.0.0/8,%v4:172.16.0.0/12,%v4:!192.168.0.0/24</a></div><div> virtual_private=%v4:<a href="http://192.168.0.0/16,%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:!10.254.253.0/24,%v4:!172.16.8.0/16">192.168.0.0/16,%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:!10.254.253.0/24,%v4:!172.16.8.0/16</a></div>
<div> protostack=netkey</div><div> oe=off</div><div> #nhelpers=0</div><div> plutodebug=controlmore</div><div><br></div><div>conn L2TP-PSK-NAT</div><div> rightsubnet=vhost:%priv</div><div>
also=L2TP-PSK-noNAT</div><div><br></div><div>conn L2TP-PSK-noNAT</div><div> authby=secret</div><div> #phase2=esp</div><div> #phase2alg=aes128-sha1;modp1024</div><div> pfs=no</div><div> auto=add</div>
<div> keyingtries=3</div><div> rekey=no</div><div> dpddelay=30</div><div> dpdtimeout=120</div><div> ikelifetime=8h</div><div> keylife=1h</div><div> type=transport</div><div>
left=190.181.129.37</div><div> leftnexthop=190.181.129.33</div></div><div><div>leftprotoport=17/1701</div><div> right=%any</div><div> rightprotoport=17/%any</div><div> forceencaps=yes</div>
<div><br></div><div>#conn passthrough-for-non-l2tp</div><div> #type=passthrough</div><div> #left=1721.21.1.10</div><div> #leftnexthop=172.21.1.1</div><div> #right=0.0.0.0</div><div> #rightsubnet=<a href="http://0.0.0.0/0">0.0.0.0/0</a></div>
<div> #auto=route</div></div><div><br></div><div><br></div>-- <br>Ubuntu es una palabra africana que quiere decir: "Gente que no pudo instalar Debian"<br>
</div>