Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT-D payload #1 doesn't match? (but is working OK…?)

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 6.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sofakng
      last edited by

      I've configured pfSense v2.0 with IPsec and am connecting with my iPhone 5 (iOS 6.0) and it connects fine and appears to be working, but I'm examining the raccoon logs and I see the following message:

      (top message is most recent, log is in reversed order)

      racoon: INFO: Adding remote and local NAT-D payloads.
racoon: [Self]: [173.163.150.33] INFO: Hashing 173.163.150.33[500] with algo #2
racoon: [166.137.96.222] INFO: Hashing 166.137.96.222[61941] with algo #2
racoon: INFO: NAT detected: PEER
racoon: INFO: NAT-D payload #1 doesn't match
racoon: [166.137.96.222] INFO: Hashing 166.137.96.222[61941] with algo #2
racoon: INFO: NAT-D payload #0 verified
racoon: [Self]: [173.163.150.33] INFO: Hashing 173.163.150.33[500] with algo #2

      Everything seems to be working fine with the VPN, but I saw the "NAT-D payload #1 doesn't match" message and I started investigating.

      It looks like this is normal and these NAT-D payloads are used to test for the presense of NAT but I thought I'd post here and double-check and nothing is wrong with my configuration.

      Thanks,
      John

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.