Patrick Hemmen wrote:
Hello all,
I have two OpenBSD machines for a redundancy VPN-Gateway. They use
carp to share one IP-Address and sasyncd to synchronize SAs and SPDs.
I setup a ipsec-tunnel in /etc/ipsec.conf. The tunnel isn't
established and the error "PAYLOAD_MALFORMED" appears in the logs.
With tcpdump I can see that the initial packet (isakmp v1.0 exchange
ID_PROT) to establish the tunnel come from the host IP-Address and not
from the carp address.
Thanks in advance.
Patrick
Maybe it's the humidity.
Maybe it's something in your ipsec.conf file.
Based on the info you have provided so far, both seem to be about as
like as each other .... ;)
ipsec.conf
ifconfig -A
maybe a quote from your dumps
and perhaps a bit of logging info ....
