On Tue, 29 Jan 2019, Alex wrote:
Jan 29 20:36:53.923873: "bwimail03-arcade" #5: Signature check (on @arcade) failed (wrong key?); tried *AwEAAfVyj Jan 29 20:36:53.923902: | public key for @arcade failed: decrypted SIG payload into a malformed ECB (SIG length does not match public key le ngth)
I haven't seen this error before....
It's also interesting to note that on the remote system (arcade), it seems to think the link is up:
Yes, because the arcade authenticated endpoint, installed the VPN connection, then send its last IKE packet containing its authentication proof, which upon your end receiving you have rejected. So as far as arcade knows, the tunnel is up. (technically, our end is supported to send an encrypted informational exchange message with delete and notify payload AUTHENTICATION_FAILED, but we don't) Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
