Hi Marco, > parsed INFORMATIONAL_V1 request 1775796517 [ HASH N(CRIT) ] > received UNSUPPORTED_CRITICAL_PAYLOAD error notify
This is a bit misleading as UNSUPPORTED_CRITICAL_PAYLOAD is the IKEv2 meaning/name of notify type 1. It has a different meaning in IKEv1: INVALID-PAYLOAD-TYPE. Why exactly you'd get this as response to a Quick Mode request I don't know. Maybe the peer wasn't able to decrypt the message properly, or it didn't like one of the payloads (e.g. because it was configured not to use PFS and didn't expect a KE payload). As strongSwan is the initiator of the exchange and the peer is a Windows 10 host I'd guess that this is a rekeying. So it could also be because it doesn't like being responder of a rekeying (Windows has/had the same problem with IKEv2 CHILD_SA rekeyings, see [1]). Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/Windows7#Rekeying-behavior
