Hi There!

We are using a strongSwan server based on version 4.5.3, against which a bunch of iOS devices are connecting as VPN clients. Most of the tunnels get established fine; however, intermittently, I would say one in fifty connections does not go through. In such failure cases I see the following log line on the server. (More logs below.)

== next payload type of ISAKMP Identification Payload has an unknown value: 155 ==

In the various failure cases I get a different 'unknown' value (e.g. 155, 23, 84, etc.) each time.

I did some searches on the strongSwan and other relevant forums, and the only hint I found seemed to suggest that the PSKs might not have matched on both ends. But we are not using PSKs; our authentication is certificate-based!! Also, if this is of any relevance, we are using NAT-T.

Thus, any clue what might be going on here? And what can I try to fix or diagnose this better?

Thanks,
Gautam Ghose

== relevant pluto logs from the server ==
Oct 15 22:10:59 concentrator pluto[30683]: | *received 292 bytes from <public-ip-address>:212 on eth0
Oct 15 22:10:59 concentrator pluto[30683]: | ICOOKIE: 92 4e 2e 06 45 b2 e2 f4
Oct 15 22:10:59 concentrator pluto[30683]: | RCOOKIE: 1e 5f 16 0b 46 84 51 e4
Oct 15 22:10:59 concentrator pluto[30683]: | peer: 43 34 d8 12
Oct 15 22:10:59 concentrator pluto[30683]: | state hash entry 31
Oct 15 22:10:59 concentrator pluto[30683]: | state object #2529395 found, in STATE_MAIN_R1
Oct 15 22:10:59 concentrator pluto[30683]: "CertSite_4048_34562_79972430-3100-4230-a161-d12ebb061fc4_0"[765336] <public-ip-address>:212 #2529395: NAT-Traversal: Result using RFC 3947: peer is NATed
Oct 15 22:10:59 concentrator pluto[30683]: | inserting event EVENT_RETRANSMIT, timeout in 4 seconds for #2529395
...
...
Oct 15 22:10:59 concentrator pluto[30683]: | *received 1980 bytes from <public-ip-address>:17757 on eth0
Oct 15 22:10:59 concentrator pluto[30683]: | ICOOKIE: 92 4e 2e 06 45 b2 e2 f4
Oct 15 22:10:59 concentrator pluto[30683]: | RCOOKIE: 1e 5f 16 0b 46 84 51 e4
Oct 15 22:10:59 concentrator pluto[30683]: | peer: 43 34 d8 12
Oct 15 22:10:59 concentrator pluto[30683]: | state hash entry 31
Oct 15 22:10:59 concentrator pluto[30683]: | state object #2529395 found, in STATE_MAIN_R2
Oct 15 22:10:59 concentrator pluto[30683]: "CertSite_4048_34562_79972430-3100-4230-a161-d12ebb061fc4_0"[765336] <public-ip-address>:212 #2529395: next payload type of ISAKMP Identification Payload has an unknown value: 155
Oct 15 22:10:59 concentrator pluto[30683]: "CertSite_4048_34562_79972430-3100-4230-a161-d12ebb061fc4_0"[765336] <public-ip-address>:212 #2529395: malformed payload in packet
Oct 15 22:10:59 concentrator pluto[30683]: "CertSite_4048_34562_79972430-3100-4230-a161-d12ebb061fc4_0"[765336] <public-ip-address>:212 #2529395: sending encrypted notification PAYLOAD_MALFORMED to 67.52.216.18:212
== END OF relevant pluto logs from the server ==
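
An added example, not part of the original post: a small triage script for pluto debug logs in the format quoted above. It groups received packets by state object and, for every exchange that ends in an "unknown value" error, reports the values seen, the states traversed and the peer source ports. The sample log is constructed; the connection name, state numbers and addresses in it are placeholders, and `triage` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample in the pluto debug format quoted in the post.
# Addresses are documentation-range placeholders, not values from the post.
SAMPLE_LOG = """\
Oct 15 22:10:59 concentrator pluto[30683]: | *received 292 bytes from 198.51.100.7:212 on eth0
Oct 15 22:10:59 concentrator pluto[30683]: | state object #101 found, in STATE_MAIN_R1
Oct 15 22:10:59 concentrator pluto[30683]: | *received 1980 bytes from 198.51.100.7:17757 on eth0
Oct 15 22:10:59 concentrator pluto[30683]: | state object #101 found, in STATE_MAIN_R2
Oct 15 22:10:59 concentrator pluto[30683]: "conn-a"[1] 198.51.100.7:212 #101: next payload type of ISAKMP Identification Payload has an unknown value: 155
Oct 15 22:11:02 concentrator pluto[30683]: | *received 292 bytes from 203.0.113.9:500 on eth0
Oct 15 22:11:02 concentrator pluto[30683]: | state object #102 found, in STATE_MAIN_R1
"""

RECV = re.compile(r"\*received (\d+) bytes from (\S+):(\d+) on")
STATE = re.compile(r"state object #(\d+) found, in (\w+)")
BAD = re.compile(r"#(\d+): next payload type of (.+?) has an unknown value: (\d+)")

def triage(log_text):
    """Return {state_object: summary} for exchanges that hit an unknown-value error."""
    exchanges = defaultdict(lambda: {"packets": [], "bad": []})
    pending = None  # last "*received" line not yet tied to a state object
    for line in log_text.splitlines():
        if m := RECV.search(line):
            pending = (int(m[1]), m[2], int(m[3]))
        elif (m := STATE.search(line)) and pending:
            size, ip, port = pending
            exchanges[int(m[1])]["packets"].append((m[2], ip, port, size))
            pending = None
        elif m := BAD.search(line):
            exchanges[int(m[1])]["bad"].append((m[2], int(m[3])))
    report = {}
    for sa, ex in exchanges.items():
        if ex["bad"]:
            report[sa] = {
                "payload": ex["bad"][0][0],
                "unknown_values": [value for _, value in ex["bad"]],
                "states": [p[0] for p in ex["packets"]],
                "source_ports": sorted({p[2] for p in ex["packets"]}),
            }
    return report

if __name__ == "__main__":
    for sa, summary in triage(SAMPLE_LOG).items():
        print(f"#{sa}: {summary}")
```

Run over a full day of logs, the per-exchange summaries make it easy to see whether the failing one-in-fifty share a state, a packet size or a source-port pattern.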
