ISAKMP_N_PAYLOAD_MALFORMED(16), after upgrading pfSense 2.2.6 to 2.3.1
-
HI,
I was getting error: entering phase2_fatal, ISAKMP_N_PAYLOAD_MALFORMED(16), vpnc stopped with exit code=1, from my Note2 (using VpnCilla app, was working fine under pfSense 2.2.6).
The odd is, if uncheck pfSense Mobile Clients-> Client Configuration (mode-cfg)->Provide a list of accessible networks to clients, the above error is gone, was able to connect to IPSec tunnel. However,
Another weird thing is, I can connect to only few websites (e.g. forum.pfsense.org, https://www.dslreports.com/forum/rogers), but I can NOT connect to most of websites, including Google Playstore app. They were taken forever to connect to until timeout.
Again, with same configurations, they were working fine under 2.2.6. Any idea?
-
Okay, the solution for :
Another weird thing is, I can connect to only few websites (e.g. forum.pfsense.org, https://www.dslreports.com/forum/rogers), but I can NOT connect to most of websites, including Google Playstore app. They were taken forever to connect to until timeout.
Tick the VPN->IPsec->Advanced Settings->Advanced IPsec Settings->Enable Unity Plugin. so my suggestion to Dev team is to tick this new option by default when upgrading.
However, the ISAKMP_N_PAYLOAD_MALFORMED issue is still there if "Provide a list of accessible networks to clients" is ticked.
-
I was struggling for more than one week to make IPSec for mobile clients to work (only Android natively worked) and disabling "Provide a list of accessible networks to clients".
I don't know if it's a bug or a feature, but disabling "Provide a list of accessible networks to clients" works on 2.4-BETA too.