[strongSwan] Notification message 40501 connecting to Cisco router

Tue, 09 Jun 2009 11:33:02 -0700 

Hi,
 
This is my first post to this forum.  I would like to thank everyone that has 
worked on this project.  I have been using strongSwan in a road warrior 
configuration to connect to Cisco routers.  I have been able to do this with 
several customers but recently when I tried to connect to a new customer I 
received a 40501 Notification message.  After doing some research on the 
Internet I found the following email indicating that this notification relates 
to Cisco load balancing:
http://sourceforge.net/mailarchive/forum.php?thread_name=alpine.lfd.2.00.0901271415230.2...@oynqr.eqh.erqung.pbz&forum_name=ipsec-tools-devel
 
Has strongSwan been tested with Cisco load balancing?  Has anyone else run into 
this problem?
 
I found a work around to the problem by connecting to the last server in the 
load balancing cluster, which does not return the 40501 notification, and the 
connection works fine.   This will due for my initial testing but without 
support for load balancing I will not be able to use strongSwan.  The output 
from the failed connection follows:
 
# ipsec up test
002 "test" #1: initiating Main Mode
104 "test" #1: STATE_MAIN_I1: initiate
003 "test" #1: ignoring Vendor ID payload [FRAGMENTATION c0000000]
106 "test" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "test" #1: ignoring Vendor ID payload [Cisco-Unity]
003 "test" #1: received Vendor ID payload [XAUTH]
003 "test" #1: ignoring Vendor ID payload [79d4400d1135dfa224392efd403473aa]
003 "test" #1: ignoring Vendor ID payload [Cisco VPN 3000 Series]
108 "test" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "test" #1: received Vendor ID payload [Dead Peer Detection]
002 "test" #1: Peer ID is ID_FQDN: '@test.localdomain'
002 "test" #1: ISAKMP SA established
004 "test" #1: STATE_MAIN_I4: ISAKMP SA established
003 "test" #1: Notify Message Type of ISAKMP Notification Payload has an 
unknown value: 40501
003 "test" #1: malformed payload in packet

 
Thanks,
 
Rod
 
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users

Reply via email to