[Swan] malformed payload error

Paul Wouters paul at nohats.ca
Sat Mar 7 02:46:51 EET 2015


On Fri, 6 Mar 2015, David Mansfield wrote:

> I'm attempting to set up a tunnel using libreswan-3.8-6.el7_0.x86_64 on 
> centos 7.

Can you try the 3.12 build? It came out yesterday for RHEL-7.1, not sure
if Centos has picked it up yet. But it should be an easy rpm recompile
with the newer version (and older patches removed)

It is also possibly you have a wrong PSK.

>> Mar  6 13:49:37 ipsec-gateway pluto[3647]: | phase 1 is done, looking for 
>> phase 2 to unpend
>
> So is it possible my phase 2 algorithms don't match? It's computing a "phase 
> 2 iv" and then decrypting then:

No your phase1 did not come up....

Paul


More information about the Swan mailing list