Exchange type 6

PurpleOfPants

I'm trying to get ShrewSoft VPN client to do IPSec to the pfSense. All goes well (I think!) until ISAKMP fails with an exchange type 6:

Nov 13 23:52:17 	racoon: ERROR: Invalid exchange type 6 from 213.208.116.33[500].
Nov 13 23:52:17 	racoon: INFO: ISAKMP-SA established 10.230.10.2[500]-213.208.116.33[500] spi:6301b7c71343d988:d97babeee7cdd9f6
Nov 13 23:52:17 	racoon: INFO: received Vendor ID: DPD
Nov 13 23:52:17 	racoon: INFO: received broken Microsoft ID: FRAGMENTATION
Nov 13 23:52:17 	racoon: INFO: received Vendor ID: RFC 3947
Nov 13 23:52:17 	racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
Nov 13 23:52:17 	racoon: INFO: received Vendor ID: CISCO-UNITY
Nov 13 23:52:17 	racoon: INFO: begin Aggressive mode.
Nov 13 23:52:17 	racoon: INFO: respond new phase 1 negotiation: 10.230.10.2[500]<=>213.208.116.33[500]

Anyone know what this means, or how to fix it? I'm assuming this is phase 2 since it stops before this if I make a mess of phase 1.

Skud

I am also having this exact same issue..

I just tried 1.0, and the 2.0 Alpha of the Shrew Soft client. The client hangs at "Bringing up tunnel" and the pfsense ipsec logs

"racoon: ERROR: Invalid exchange type 6 from xxx.xxx.xxx.xxx"

I've tried all that I can think.. This post is actually the first thing that came up on google.. :)

Riley

PurpleOfPants

OMG! Now world+dog will think it's me that's broken it  :o

msatter

Yepp I got the same problem and have anyone any clue to solve it???

Greetings, Marcel