OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: Space on April 17, 2017, 01:24:40 pm

Title: [SOLVED] IPsec with 17.1.4 - [IKE] received PAYLOAD_MALFORMED error notify
Post by: Space on April 17, 2017, 01:24:40 pm
Hello,

I had IPsec running some time ago with 16.7 but I wanted to use OpenVPN since I wanted to add several clients / roadwarriors. I have OpenVPN running but the Android client is not as flexible as I would like. So I wanted to switch back to IPsec. I have setup IPsec according to the cookbook (https://docs.opnsense.org/manual/how-tos/ipsec-road.html (https://docs.opnsense.org/manual/how-tos/ipsec-road.html) but I can't get it to run. I get the following messages in logfile:

Code: [Select]
Apr 17 13:08:28 charon: 11[IKE] deleting IKE_SA con1[101] between <wan_ip>[IPsec]...<public_ip>[IPsec]
Apr 17 13:08:28 charon: 11[IKE] received DELETE for IKE_SA con1[101]
Apr 17 13:08:28 charon: 11[ENC] parsed INFORMATIONAL_V1 request 249 [ HASH D ]
Apr 17 13:08:28 charon: 11[NET] received packet: from <public_ip>[55749] to <wan_ip>[4500] (84 bytes)
Apr 17 13:08:28 charon: 08[IKE] received PAYLOAD_MALFORMED error notify
Apr 17 13:08:28 charon: 08[ENC] parsed INFORMATIONAL_V1 request 2559521190 [ HASH N(PLD_MAL) ]
Apr 17 13:08:28 charon: 08[NET] received packet: from <public_ip>[55749] to <wan_ip>[4500] (68 bytes)
Apr 17 13:08:28 charon: 10[NET] sending packet: from <wan_ip>[4500] to <public_ip>[55749] (100 bytes)
Apr 17 13:08:28 charon: 10[ENC] generating TRANSACTION response 960004112 [ HASH CPRP(ADDR SUBNET U_SPLITINC) ]
Apr 17 13:08:28 charon: 10[IKE] assigning virtual IP 10.10.10.2 to peer

I have no idea what setting to change or if this is a problem of 17.1.x series ... I know I had it running with 16.7.

Does anyone have an idea?

Thanks and best regards,

    Jochen
Title: Re: [SOLVED] IPsec with 17.1.4 - [IKE] received PAYLOAD_MALFORMED error notify
Post by: Space on April 24, 2017, 08:24:37 pm
Looks like a reboot solved this issue ...