Hello Joel,

the DPD implementation of the IPsec peer on the remote side seems
to be broken. The DPD RFC 3706

  http://tools.ietf.org/html/rfc3706#section-5.3

states:

  - SPI Size (1 octet) - SHOULD be set to sixteen (16), the length
    of two octet-sized ISAKMP cookies.

but the SPI size is set to 0:

  : DPD: R_U_THERE has invalid SPI length (0)

Regards

Andreas

On 27.11.2012 05:51, Joel Duckworth wrote:
> Hey guys, I'm running with Vyatta 6.5 (I believe that is using
> StrongSwan) connecting to Amazon AWS VPN
>
> Any idea what these messages mean and what might be causing them? It
> seems they are DPD messages being sent to my side.
>
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: packet from 54.240.204.91:500: received Vendor ID payload [Dead Peer Detection]
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: "peer-54.240.204.91-tunnel-vti" #97135: responding to Main Mode
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: "peer-54.240.204.91-tunnel-vti" #97135: Peer ID is ID_IPV4_ADDR: '54.240.204.91'
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: "peer-54.240.204.91-tunnel-vti" #97135: sent MR3, ISAKMP SA established
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: "peer-54.240.204.91-tunnel-vti" #97135: *DPD: R_U_THERE has invalid SPI length (0)*
> /var/log/messages:Nov 27 10:58:51 hostname pluto[3586]: "peer-54.240.204.91-tunnel-vti" #97135: *sending encrypted notification PAYLOAD_MALFORMED to 54.240.204.91:500*
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: packet from 54.240.204.92:500: received Vendor ID payload [Dead Peer Detection]
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: "peer-54.240.204.92-tunnel-vti" #97136: responding to Main Mode
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: "peer-54.240.204.92-tunnel-vti" #97136: Peer ID is ID_IPV4_ADDR: '54.240.204.92'
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: "peer-54.240.204.92-tunnel-vti" #97136: sent MR3, ISAKMP SA established
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: "peer-54.240.204.92-tunnel-vti" #97136: *DPD: R_U_THERE has invalid SPI length (0)*
> /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: "peer-54.240.204.92-tunnel-vti" #97136: sending encrypted notification *PAYLOAD_MALFORMED to 54.240.204.92:500*
>
> Thanks, Joel

======================================================================
Andreas Steffen                         [email protected]
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
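
The check behind the log message in the thread above, as an added example that is not part of the original messages and is not pluto's code: it validates a decrypted ISAKMP Notification payload against the RFC 3706 section 5.3 layout and rejects an SPI Size other than 16. The function and enum names, the strict handling of the SHOULD, and the two sample payloads are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define R_U_THERE      36136  /* RFC 3706 notify message types */
#define R_U_THERE_ACK  36137
#define DPD_SPI_SIZE   16     /* initiator cookie + responder cookie */
#define NOTIFY_HDR_LEN 12     /* generic hdr, DOI, protocol, SPI size, type */

enum dpd_result { DPD_OK, DPD_TRUNCATED, DPD_NOT_DPD, DPD_BAD_SPI_SIZE, DPD_BAD_LENGTH };

/* Constructed sample payloads (cookies and sequence number 42 are made up). */
static const uint8_t good_msg[] = {
    0, 0, 0, 32,  0, 0, 0, 1,  1, 16, 0x8d, 0x28,          /* SPI Size = 16 */
    0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,        /* CKY-I */
    0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,        /* CKY-R */
    0, 0, 0, 42 };
static const uint8_t zero_spi_msg[] = {                    /* SPI Size = 0 */
    0, 0, 0, 16,  0, 0, 0, 1,  1, 0, 0x8d, 0x28,  0, 0, 0, 42 };

/* Validate one decrypted Notification payload as a DPD message.
 * On DPD_OK, *seq receives the 32-bit sequence number. */
enum dpd_result dpd_check(const uint8_t *p, size_t len, uint32_t *seq)
{
    if (len < NOTIFY_HDR_LEN)
        return DPD_TRUNCATED;
    uint16_t plen = (uint16_t)(p[2] << 8 | p[3]);
    uint8_t spi_size = p[9];
    uint16_t type = (uint16_t)(p[10] << 8 | p[11]);

    if (type != R_U_THERE && type != R_U_THERE_ACK)
        return DPD_NOT_DPD;
    if (spi_size != DPD_SPI_SIZE)
        return DPD_BAD_SPI_SIZE;  /* the case logged as "invalid SPI length (0)" */
    if (plen != NOTIFY_HDR_LEN + DPD_SPI_SIZE + 4 || plen > len)
        return DPD_BAD_LENGTH;
    const uint8_t *d = p + NOTIFY_HDR_LEN + DPD_SPI_SIZE;
    *seq = (uint32_t)d[0] << 24 | (uint32_t)d[1] << 16 | (uint32_t)d[2] << 8 | d[3];
    return DPD_OK;
}

int main(void)
{
    uint32_t seq = 0;
    printf("good payload:     %d\n", dpd_check(good_msg, sizeof good_msg, &seq));
    printf("zero-SPI payload: %d\n", dpd_check(zero_spi_msg, sizeof zero_spi_msg, &seq));
    return 0;
}
```

A full receiver would also compare the two cookies in the SPI field with those of the ISAKMP SA the message arrived on; that step is left out here.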
