Results 1 to 3 of 3
  1. #1
    Newbie shaaka's Avatar
    Join Date
    Dec 2017
    Posts
    3

    Default IPSEC VPN cannot connect from client - IP Sec log

    Can someone help me resolving the IPSEC VPN connectivity error?
    Looks like the error is due to "could not decrypt payloads" in quote


    Jan 24 15:49:48 untangle charon: 08[JOB] deleting half open IKE_SA after timeout
    Jan 24 15:49:41 untangle charon: 02[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:41 untangle charon: 02[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:41 untangle charon: 02[ENC] generating INFORMATIONAL_V1 request 4269358054 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:41 untangle charon: 02[IKE] message parsing failed
    Jan 24 15:49:41 untangle charon: 02[ENC] could not decrypt payloads
    Jan 24 15:49:41 untangle charon: 02[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:41 untangle charon: 02[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:38 untangle charon: 10[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:38 untangle charon: 10[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:38 untangle charon: 10[ENC] generating INFORMATIONAL_V1 request 1623302599 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:38 untangle charon: 10[IKE] message parsing failed
    Jan 24 15:49:38 untangle charon: 10[ENC] could not decrypt payloads
    Jan 24 15:49:38 untangle charon: 10[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:38 untangle charon: 10[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:35 untangle charon: 03[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:35 untangle charon: 03[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:35 untangle charon: 03[ENC] generating INFORMATIONAL_V1 request 1735490045 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:35 untangle charon: 03[IKE] message parsing failed
    Jan 24 15:49:35 untangle charon: 03[ENC] could not decrypt payloads
    Jan 24 15:49:35 untangle charon: 03[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:35 untangle charon: 03[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:33 untangle charon: 12[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:33 untangle charon: 12[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:33 untangle charon: 12[ENC] generating INFORMATIONAL_V1 request 4055973510 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:33 untangle charon: 12[IKE] message parsing failed
    Jan 24 15:49:33 untangle charon: 12[ENC] could not decrypt payloads
    Jan 24 15:49:33 untangle charon: 12[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:33 untangle charon: 12[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:30 untangle charon: 05[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:30 untangle charon: 05[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:30 untangle charon: 05[ENC] generating INFORMATIONAL_V1 request 2052216688 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:30 untangle charon: 05[IKE] message parsing failed
    Jan 24 15:49:30 untangle charon: 05[ENC] could not decrypt payloads
    Jan 24 15:49:30 untangle charon: 05[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:30 untangle charon: 05[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:24 untangle charon: 08[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:24 untangle charon: 08[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:24 untangle charon: 08[ENC] generating INFORMATIONAL_V1 request 2121119776 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:24 untangle charon: 08[IKE] message parsing failed
    Jan 24 15:49:24 untangle charon: 08[ENC] could not decrypt payloads
    Jan 24 15:49:24 untangle charon: 08[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:24 untangle charon: 08[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:21 untangle charon: 06[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:21 untangle charon: 06[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:21 untangle charon: 06[ENC] generating INFORMATIONAL_V1 request 3902750570 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:21 untangle charon: 06[IKE] message parsing failed
    Jan 24 15:49:21 untangle charon: 06[ENC] could not decrypt payloads
    Jan 24 15:49:21 untangle charon: 06[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:21 untangle charon: 06[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:18 untangle charon: 06[IKE] ID_PROT request with message ID 0 processing failed
    Jan 24 15:49:18 untangle charon: 06[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (68 bytes)
    Jan 24 15:49:18 untangle charon: 06[ENC] generating INFORMATIONAL_V1 request 3337894045 [ HASH N(PLD_MAL) ]
    Jan 24 15:49:18 untangle charon: 06[IKE] message parsing failed
    Jan 24 15:49:18 untangle charon: 06[ENC] could not decrypt payloads
    Jan 24 15:49:18 untangle charon: 06[ENC] invalid ID_V1 payload length, decryption failed?
    Jan 24 15:49:18 untangle charon: 06[NET] received packet: from XXX.XX.XXX.XX[20435] to XXX.XX.XXX.XX[4500] (76 bytes)
    Jan 24 15:49:18 untangle charon: 10[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (236 bytes)
    Jan 24 15:49:18 untangle charon: 10[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Jan 24 15:49:18 untangle charon: 10[IKE] remote host is behind NAT
    Jan 24 15:49:18 untangle charon: 10[IKE] local host is behind NAT, sending keep alives
    Jan 24 15:49:18 untangle charon: 10[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Jan 24 15:49:18 untangle charon: 10[NET] received packet: from XXX.XX.XXX.XX[275] to XXX.XX.XXX.XX[500] (220 bytes)
    Jan 24 15:49:18 untangle charon: 14[NET] sending packet: from XXX.XX.XXX.XX[500] to XXX.XX.XXX.XX[275] (132 bytes)
    Jan 24 15:49:18 untangle charon: 14[ENC] generating ID_PROT response 0 [ SA V V V ]
    Jan 24 15:49:18 untangle charon: 14[IKE] XXX.XX.XXX.XX is initiating a Main Mode IKE_SA
    Jan 24 15:49:18 untangle charon: 14[IKE] XXX.XX.XXX.XX is initiating a Main Mode IKE_SA
    Jan 24 15:49:18 untangle charon: 14[IKE] received DPD vendor ID
    Jan 24 15:49:18 untangle charon: 14[IKE] received FRAGMENTATION vendor ID
    Jan 24 15:49:18 untangle charon: 14[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID
    Jan 24 15:49:18 untangle charon: 14[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Jan 24 15:49:18 untangle charon: 14[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID
    Jan 24 15:49:18 untangle charon: 14[IKE] received NAT-T (RFC 3947) vendor ID
    Jan 24 15:49:18 untangle charon: 14[ENC] parsed ID_PROT request 0 [ SA V V V V V V ]
    Jan 24 15:49:18 untangle charon: 14[NET] received packet: from XXX.XX.XXX.XX[275] to XXX.XX.XXX.XX[500] (580 bytes)

  2. #2
    Untangler drewstreib's Avatar
    Join Date
    Jan 2018
    Location
    San Jose, CA
    Posts
    45

    Default

    At its simplest, that could be just a pre-shared key mismatch.

    Edit: A reasonable online explanation: https://wiki.strongswan.org/projects...ryption-failed

  3. #3
    Newbie shaaka's Avatar
    Join Date
    Dec 2017
    Posts
    3

    Default

    Thanks that error is gone now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2