NAT-D payload #1 doesn't match? (but is working OK…?)
-
I've configured pfSense v2.0 with IPsec and am connecting with my iPhone 5 (iOS 6.0) and it connects fine and appears to be working, but I'm examining the raccoon logs and I see the following message:
(top message is most recent, log is in reversed order)
racoon: INFO: Adding remote and local NAT-D payloads. racoon: [Self]: [173.163.150.33] INFO: Hashing 173.163.150.33[500] with algo #2 racoon: [166.137.96.222] INFO: Hashing 166.137.96.222[61941] with algo #2 racoon: INFO: NAT detected: PEER racoon: INFO: NAT-D payload #1 doesn't match racoon: [166.137.96.222] INFO: Hashing 166.137.96.222[61941] with algo #2 racoon: INFO: NAT-D payload #0 verified racoon: [Self]: [173.163.150.33] INFO: Hashing 173.163.150.33[500] with algo #2
Everything seems to be working fine with the VPN, but I saw the "NAT-D payload #1 doesn't match" message and I started investigating.
It looks like this is normal and these NAT-D payloads are used to test for the presense of NAT but I thought I'd post here and double-check and nothing is wrong with my configuration.
Thanks,
John