Written by I was getting this error and i had to surf the internet for 5 hours until i figured out the issue myself. I thought this might save others precious time. So the error i was getting
in the server was looking like this:
Apr 16 18:47:20 vpn pluto[6294]: “test2″ #1: probable authentication failure (mismatch of preshared secrets?): malformed payload in packet ed 0f 7a
Apr 16 18:47:20 vpn pluto[6294]: | payload malformed after IV
Apr 16 18:47:20 vpn pluto[6294]: | b3 39 dc a6 a7 2a 59 0f d9 06 4b 7f 4a
Apr 16 18:47:20 vpn pluto[6294]: “test2″ #1: sending notification PAYLOAD_MALFORMED to 81.141.210.226:500
On the client side i was getti
ng:
010 “test2″ #1: STATE_MAIN_I3: retransmission; will wait 40s for response
003 “test2″ #1: Informational Exchange message must be encrypted
003 “test2″ #1: discarding duplicate packet; already STATE_MAIN_I3
031 “test2″ #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message
I made sure there are no typos in ipsec.secrets but in the end I figured out the issue.
You have to have a new blank line after the PSK declaration in ipsec.secrets otherwise the system doesn't recognize it. Hope it helps.
Damned!!!!! I fighted this a couple of hours before finding your solution, and it works now!!! ARGH carriage return!!1!!!1!!
Trust me i had the same reaction after figuring it out
. I’m glad my post helped u out. All the best.
Worked for me! I’m so glad I stumbled upon your post before spending hours of looking in the wrong direction
Cheers!
include /etc/ipsec.d/*.secrets
xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy: PSK “test”
~
~
~
is this how the format should be?
yes that’s correct.