Phase 2 : "invalid HASH_V1 payload length" error



  • I have a really strange problem establishing a VPN tunnel between pfSense 2.3.2-RELEASE-p1 and Sophos SG (based on Astaro, uses Pluto as IKE daemon).
    I have 2 local networks (pfSense side) and 3 remote networks (Sophos side). If I configure both firewalls with these 6 phase 2 entries, the tunnel does not work. But if I leave just one configured network in the Sophos configuration (for the pfSense side), the tunnel works correctly. It works for each of the two networks separately, but not at the same time. The networks are completely different (10.192.20.0/24 and 192.168.32.0/24).
    When the tunnel is down I can see in the logs that Phase 1 and Phase 2 negotiations are successful for phase 1 and for all phase 2 entries present, BUT in the pfSense logs I see the following errors:

    Jan 11 18:07:24 firewall charon: 11[NET] <con1000|6> received packet: from sss.sss.214.38[500] to sss.sss.188.161[500] (68 bytes)
    Jan 11 18:07:24 firewall charon: 11[ENC] <con1000|6> invalid HASH_V1 payload length, decryption failed?
    Jan 11 18:07:24 firewall charon: 11[ENC] <con1000|6> could not decrypt payloads
    Jan 11 18:07:24 firewall charon: 11[IKE] <con1000|6> message parsing failed
    Jan 11 18:07:24 firewall charon: 11[ENC] <con1000|6> generating INFORMATIONAL_V1 request 83928482 [ HASH N(PLD_MAL) ]
    Jan 11 18:07:24 firewall charon: 11[NET] <con1000|6> sending packet: from sss.sss.188.161[500] to sss.sss.214.38[500] (84 bytes)
    Jan 11 18:07:24 firewall charon: 11[IKE] <con1000|6> QUICK_MODE request with message ID 820365128 processing failed
    

    Evidently, Sophos does not know what to do with such a packet and just drops the PAYLOAD_MALFORMED notification. It continues to send packets (the tunnel is 'up'), but pfSense cannot decrypt them.
    Once again, if I use just ONE network (only the Sophos configuration is changed!) on the pfSense side, the tunnel works correctly, for both networks. So there is no problem with the PSK, the choice of proposals, etc.
    Looks like a bug, but where? Pluto?
    Any ideas?



  • @peter2121 said in Phase 2 : "invalid HASH_V1 payload length" error:

    invalid HASH_V1 payload length

    It seems that we have hit the issue explained here:
    https://wiki.strongswan.org/issues/1120
    So we need to increase the number of simultaneous phase 2 negotiations in the strongSwan config:
    https://wiki.strongswan.org/issues/1128
    Is it possible on pfSense?
    PS
    I'm thinking of updating to version 2.4.4 this evening, so it would be interesting to see the instructions for both the 2.3.2 and 2.4.4 versions.



  • @peter2121
    Hey
    Do I understand correctly that the question here is about this setting?
    charon.max_ikev1_exchanges = 3
    Maximum number of IKEv1 phase 2 exchanges per IKE_SA for which to store state and
    keep track at the same time.

    If so, you should do the following:
    Diagnostics/Edit File
    Open the file /etc/inc/vpn.inc
    Look for this snippet:
    [screenshot: the charon { ... } section of /etc/inc/vpn.inc]

    Make it look like this (do not delete anything, just add one line):

    [screenshot: the same section with the max_ikev1_exchanges line added]

    Save file
    Continue
    VPN/IPSEC/IPSEC tunnels / Edit phase 1 entry / (Change nothing) / Save
    Apply changes
    Restart service
    and check
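
A small check that follows from the steps above, added here and not part of the thread or of pfSense: it counts the two symptom messages from the quoted charon log per connection, reads charon.max_ikev1_exchanges from a strongswan.conf fragment (strongSwan's default is 3), and reports whether a given number of phase 2 entries fits. Both the log lines and the conf fragment are constructed samples in the same shape as the ones quoted in the thread.

```python
import re

# Constructed sample log lines, in the same format as the pfSense IPsec log quoted above.
SAMPLE_LOG = """\
Jan 11 18:07:24 firewall charon: 11[ENC] <con1000|6> invalid HASH_V1 payload length, decryption failed?
Jan 11 18:07:24 firewall charon: 11[IKE] <con1000|6> QUICK_MODE request with message ID 820365128 processing failed
Jan 11 18:07:25 firewall charon: 12[ENC] <con1000|6> invalid HASH_V1 payload length, decryption failed?
Jan 11 18:07:25 firewall charon: 12[IKE] <con1000|6> QUICK_MODE request with message ID 820365129 processing failed
Jan 11 18:08:01 firewall charon: 05[IKE] <con2000|7> no matching CHILD_SA config found
"""

# Constructed strongswan.conf fragment; only the key discussed in the thread matters here.
SAMPLE_CONF = """\
charon {
    threads = 16
    max_ikev1_exchanges = 3
}
"""

# charon log line: "charon: <thread>[<group>] <<conn>|<ike_sa_id>> <message>"
LINE_RE = re.compile(r"charon: \d+\[\w+\] <(?P<sa>[^>]+)> (?P<msg>.*)$")
SYMPTOMS = ("invalid HASH_V1 payload length", "no matching CHILD_SA config found")


def count_symptoms(log_text):
    """Return {connection_name: count} of the two error messages tied to this issue."""
    counts = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m is None:
            continue
        if any(symptom in m.group("msg") for symptom in SYMPTOMS):
            conn = m.group("sa").split("|")[0]  # drop the per-IKE_SA unique id
            counts[conn] = counts.get(conn, 0) + 1
    return counts


def configured_max_exchanges(conf_text, default=3):
    """Read charon.max_ikev1_exchanges from strongswan.conf text; strongSwan defaults to 3."""
    m = re.search(r"^\s*max_ikev1_exchanges\s*=\s*(\d+)", conf_text, re.MULTILINE)
    return int(m.group(1)) if m else default


def check_capacity(phase2_count, conf_text):
    """True when all phase 2 entries can be negotiated concurrently under the configured limit."""
    return phase2_count <= configured_max_exchanges(conf_text)


if __name__ == "__main__":
    print(count_symptoms(SAMPLE_LOG))
    print("6 phase 2 entries fit:", check_capacity(6, SAMPLE_CONF))
```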



  • @peter2121 Wanted to know if my decision helped ?



  • @konstanti said in Phase 2 : "invalid HASH_V1 payload length" error:

    @peter2121 Wanted to know if my decision helped ?

    Thank you, I was able to change the strongSwan parameters using your advice.
    I still have problems with my tunnels though :(
    Probably there are several problems; I've just eliminated the first one.



  • @konstanti Setting the key max_ikev1_exchanges = 6 fixed my problem with

    invalid HASH_V1 payload length, decryption failed?
    

    and consequently this error message:

    no matching CHILD_SA config found
    

    Will this change in /etc/inc/vpn.inc be retained after reboots and such?

    Thanks!



  • @cukal

    These changes will persist until the system is updated.
    After you update, the file vpn.inc will be overwritten,
    and all the changes will have to be made again.



  • @Konstanti Thanks for your reply.
    Is there a specific reason the number of max_ikev1_exchanges is 6?
    I'm seeing some issues with a public IP where multiple P1's (with P2's) are enabled, but each time with different remote peers.
    The problem I'm having is a P1 with 5 P2's; that connection still logs invalid HASH_V1 payload length, decryption failed?

    Thanks!



  • @cukal
    The first post of this topic says that there are 6 phase 2 entries. Therefore I wrote that it is necessary to specify this number.



  • @Konstanti Thanks for pointing that out to me ;)

    2.4.4-p2 is messing up IPSec tunnels for me.

    Using the max_ikev1_exchanges setting fixes it for a while, but after a P1 renegotiation (set to 3600) the invalid HASH_V1 payload length, decryption failed? error returns. When manually disconnecting the P1 it reconnects and a single P2 is created. Disconnecting a second time and all 3 P2's are present again.
    This config has been working for months on 2.4.3-p1.

    Where should I start looking?

