openswan fails to establish phase1 with l2tpd after update

Solution In Progress - Updated -

Issue

After applying RHSA-2014:0185, a connection to a NATed Windows XP client using L2TP-IPsec cannot be established.

pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: responding to Main Mode from unknown peer X.X.X.X
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: STATE_MAIN_R1: sent MR1, expecting MI2
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: next payload type of ISAKMP Nonce Payload has an unknown value: 130
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: malformed payload in packet
pluto[7581]: | payload malformed after IV
pluto[7581]: |
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: sending notification PAYLOAD_MALFORMED to X.X.X.X:500
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: next payload type of ISAKMP Nonce Payload has an unknown value: 130
pluto[7581]: "L2TP-PSK-NAT-NET"[1] X.X.X.X #1: malformed payload in packet

Environment

  • Red Hat Enterprise Linux 6
  • openswan-2.6.32-27.2.el6_5
  • L2TP-IPsec connection
  • Windows XP client behind NAT

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.