IPSec troubles
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||
|
Posted by on August 24, 2007, 11:56 am
Please log in for more thread options Cisco indicates that the reserved not zero on payload/malformed payload errors are due to a mismatch on the secret key and/or mismatch of hash/algorith, etc. However, I have reviewed this settings and both sides match... Anyone know what else this could mean?? Here is the debug: crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 OAK_MM exchange ISAKMP (0): processing SA payload. message ID = 0 ISAKMP (0): Checking ISAKMP transform 1 against priority 20 policy ISAKMP: life type in seconds ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 ISAKMP: encryption 3DES-CBC ISAKMP: auth pre-share ISAKMP: hash MD5 ISAKMP: default group 2 ISAKMP (0): atts are acceptable. Next payload is 0 ISAKMP (0): SA is doing pre-shared key authentication using id type ID_FQDN return status is IKMP_NO_ERROR crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 OAK_MM exchange ISAKMP (0): processing KE payload. message ID = 0 ISAKMP (0): processing NONCE payload. message ID = 0 ISAKMP (0): processing vendor id payload return status is IKMP_NO_ERROR crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 OAK_MM exchange ISAKMP (0): processing ID payload. message ID = 0 ISAKMP (0): processing HASH payload. message ID = 0 ISAKMP (0): SA has been authenticated ISAKMP (0): ID payload next-payload : 8 type : 2 protocol : 17 port : 500 length : 18 ISAKMP (0): Total payload length: 22 return status is IKMP_NO_ERROR ISAKMP (0): sending INITIAL_CONTACT notify ISAKMP (0): sending NOTIFY message 24578 protocol 1 ISAKMP (0): sending phase 1 RESPONDER_LIFETIME notify ISAKMP (0): sending NOTIFY message 24576 protocol 1 VPN Peer: ISAKMP: Added new peer: ip:aa.aa.aa.aa/500 Total VPN Peers:1 VPN Peer: ISAKMP: Peer ip:aa.aa.aa.aa/500 Ref cnt incremented to:1 Total VPN Peers:1 crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 ISAKMP: reserved not zero on payload 5! ISAKMP: malformed payload crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 ISAKMP: reserved not zero on payload 5! ISAKMP: malformed payload crypto_isakmp_process_block:src:aa.aa.aa.aa, dest:bb.bb.bb.bb spt:500 dpt:500 ISAKMP: reserved not zero on payload 5! ISAKMP: malformed payload | ||||||||||
| Similar Threads | Posted |
| IPSec troubles | August 24, 2007, 11:56 am |
| PIX LAN-to-LAN troubles | August 16, 2005, 11:40 am |
| VPN Troubles | August 17, 2006, 8:46 pm |
| Browser troubles behind PIX | May 31, 2006, 4:37 pm |
| Cisco ASA and VPN troubles | April 10, 2007, 8:46 am |
| PIX 515 upgrade troubles | May 5, 2008, 10:48 am |
| Cisco 575 and 2950 LRE troubles | September 12, 2005, 7:12 pm |
| Newbie DMZ traffic troubles | December 22, 2005, 1:09 am |
| PPTP VPN and DHCP troubles... | June 14, 2007, 6:12 am |
| PIX troubles H.323 even with fixup disabled | August 15, 2007, 9:12 am |
| OSPF and EIGRP interaction troubles | August 25, 2005, 2:17 am |
| Troubles with Cisco 2620 Router? | October 27, 2005, 11:43 pm |
| aironet 1100 ios upgrade troubles | April 9, 2007, 5:56 am |
| troubles to get acl' working on a 3750 with ip routing | March 2, 2006, 5:41 am |
| Failing Phase2 Auth - IPSec - All IPSec SA proposals found unacceptable | November 26, 2008, 7:37 pm |