Exchange type 6



  • I'm trying to get ShrewSoft VPN client to do IPSec to the pfSense. All goes well (I think!) until ISAKMP fails with an exchange type 6:

    Nov 13 23:52:17 	racoon: ERROR: Invalid exchange type 6 from 213.208.116.33[500].
    Nov 13 23:52:17 	racoon: INFO: ISAKMP-SA established 10.230.10.2[500]-213.208.116.33[500] spi:6301b7c71343d988:d97babeee7cdd9f6
    Nov 13 23:52:17 	racoon: INFO: received Vendor ID: DPD
    Nov 13 23:52:17 	racoon: INFO: received broken Microsoft ID: FRAGMENTATION
    Nov 13 23:52:17 	racoon: INFO: received Vendor ID: RFC 3947
    Nov 13 23:52:17 	racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02
    Nov 13 23:52:17 	racoon: INFO: received Vendor ID: CISCO-UNITY
    Nov 13 23:52:17 	racoon: INFO: begin Aggressive mode.
    Nov 13 23:52:17 	racoon: INFO: respond new phase 1 negotiation: 10.230.10.2[500]<=>213.208.116.33[500]
    

    Anyone know what this means, or how to fix it? I'm assuming this is phase 2 since it stops before this if I make a mess of phase 1.



  • I am also having this exact same issue..

    I just tried 1.0, and the 2.0 Alpha of the Shrew Soft client. The client hangs at "Bringing up tunnel" and the pfsense ipsec logs

    "racoon: ERROR: Invalid exchange type 6 from xxx.xxx.xxx.xxx"

    I've tried all that I can think.. This post is actually the first thing that came up on google.. :)

    Riley



  • OMG! Now world+dog will think it's me that's broken it  :o



  • Yepp I got the same problem and have anyone any clue to solve it???

    Greetings, Marcel


Locked