[vpn-help] Fwd: invalid message from gateway

Matthew Grooms mgrooms at shrew.net
Wed Mar 3 22:59:35 CST 2010


On 2/27/2010 6:30 AM, Libor Arndt wrote:
> Hello,
>
> I set debug level in registry and got the log output, so again:
>
>
> I succesfully imported a pcf profile with 2.1.6 beta.
> I imported certificate (the same pfx file for server, client and private
> key, I hope it's ok).
> Unfortunately I got invalid message from gateway
>
...
> 10/02/27 13:17:30 ii : processing phase1 packet ( 1472 bytes )
> 10/02/27 13:17:30 =<  : cookies dd5895241fbc3554:d3aab0972360e1c8
> 10/02/27 13:17:30 =<  : message 00000000
> 10/02/27 13:17:30 !! : unprocessed payload data
> 10/02/27 13:17:30 !! : invalid certificate request size ( 42028>  4096 )
> 10/02/27 13:17:30 !! : unprocessed payload data
> 10/02/27 13:17:30 ii : phase1 removal before expire time
> 10/02/27 13:17:30 ww : ike packet from 62.141.6.250 ignored, unknown
> phase1 sa for peer
> 10/02/27 13:17:30 ww : dd5895241fbc3554:d3aab0972360e1c8
> 10/02/27 13:17:30 DB : removing tunnel config references
> 10/02/27 13:17:30 DB : removing tunnel phase2 references
> 10/02/27 13:17:30 DB : removing tunnel phase1 references
> 10/02/27 13:17:30 DB : removing all peer tunnel refrences
> 10/02/27 13:17:30 ii : ipc client process thread exit ...
>

Your certificate request size is 42k? That doesn't sound right. Please 
forward me the decrypted IKE packet dump in a private email and I'll 
take a look at it.

-Matthew



More information about the vpn-help mailing list