[SOLVED] 2.2.2->2.2.3,IPSEC:"invalid HASH_V1 payload length, decryption failed?"



  • Hello,

    after upgrading pfSense from version 2.2.2 to 2.2.3, our IPSEC for mobile clients has stopped working. All clients get the message "gateway authentication error".
    The message "invalid HASH_V1 payload length, decryption failed?" appears in the logs.

    We use Shrew Soft VPNCLIENT v.2.2.2 on Windows 7 and Windows XP.

    Unfortunately we had to switch back to version 2.2.2.

    Here is a cut from the log file (in reverse order):

    
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>INFORMATIONAL_V1 request with message ID 2583112657 processing failed
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>INFORMATIONAL_V1 request with message ID 2583112657 processing failed
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>ignore malformed INFORMATIONAL request
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>ignore malformed INFORMATIONAL request
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>message parsing failed
    Jun 25 13:32:55	charon: 14[IKE] <con4|1>message parsing failed
    Jun 25 13:32:55	charon: 14[ENC] <con4|1>could not decrypt payloads
    Jun 25 13:32:55	charon: 14[ENC] <con4|1>invalid HASH_V1 payload length, decryption failed?
    Jun 25 13:32:55	charon: 14[NET] <con4|1>received packet: from XX.XX.XX.XX[4500] to YY.YY.YY.YY[4500] (92 bytes)
    Jun 25 13:32:55	charon: 12[IKE] <con4|1>AGGRESSIVE request with message ID 0 processing failed
    Jun 25 13:32:55	charon: 12[IKE] <con4|1>AGGRESSIVE request with message ID 0 processing failed
    Jun 25 13:32:55	charon: 12[NET] <con4|1>sending packet: from YY.YY.YY.YY[500] to XX.XX.XX.XX[500] (76 bytes)
    Jun 25 13:32:55	charon: 12[ENC] <con4|1>generating INFORMATIONAL_V1 request 4038421101 [ HASH N(PLD_MAL) ]
    Jun 25 13:32:55	charon: 12[IKE] <con4|1>message parsing failed
    Jun 25 13:32:55	charon: 12[IKE] <con4|1>message parsing failed
    Jun 25 13:32:55	charon: 12[ENC] <con4|1>could not decrypt payloads
    Jun 25 13:32:55	charon: 12[ENC] <con4|1>invalid HASH_V1 payload length, decryption failed?
    Jun 25 13:32:55	charon: 12[NET] <con4|1>received packet: from XX.XX.XX.XX[4500] to YY.YY.YY.YY[4500] (108 bytes)
    Jun 25 13:32:55	charon: 12[NET] <con4|1>sending packet: from YY.YY.YY.YY[500] to XX.XX.XX.XX[500] (432 bytes)
    Jun 25 13:32:55	charon: 12[ENC] <con4|1>generating AGGRESSIVE response 0 [ SA KE No ID NAT-D NAT-D HASH V V V V V ]
    Jun 25 13:32:55	charon: 12[CFG] <1> selected peer config "con4"
    Jun 25 13:32:55	charon: 12[CFG] <1> looking for XAuthInitPSK peer configs matching YY.YY.YY.YY...XX.XX.XX.XX[vpn@xxxxx.xxxxx.xxx]
    Jun 25 13:32:55	charon: 12[IKE] <1> XX.XX.XX.XX is initiating a Aggressive Mode IKE_SA
    Jun 25 13:32:55	charon: 12[IKE] <1> XX.XX.XX.XX is initiating a Aggressive Mode IKE_SA
    Jun 25 13:32:55	charon: 12[IKE] <1> received Cisco Unity vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received Cisco Unity vendor ID
    Jun 25 13:32:55	charon: 12[ENC] <1> received unknown vendor ID: 84:04:ad:f9:cd:a0:57:60:b2:ca:29:2e:4b:ff:53:7b
    Jun 25 13:32:55	charon: 12[ENC] <1> received unknown vendor ID: 16:6f:93:2d:55:eb:64:d8:e4:df:4f:d3:7e:23:13:f0:d0:fd:84:51
    Jun 25 13:32:55	charon: 12[ENC] <1> received unknown vendor ID: f1:4b:94:b7:bf:f1:fe:f0:27:73:b8:c4:9f:ed:ed:26
    Jun 25 13:32:55	charon: 12[ENC] <1> received unknown vendor ID: 3b:90:31:dc:e4:fc:f8:8b:48:9a:92:39:63:dd:0c:49
    Jun 25 13:32:55	charon: 12[IKE] <1> received DPD vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received DPD vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received FRAGMENTATION vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received FRAGMENTATION vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received NAT-T (RFC 3947) vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received NAT-T (RFC 3947) vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Jun 25 13:32:55	charon: 12[ENC] <1> received unknown vendor ID: 16:f6:ca:16:e4:a4:06:6d:83:82:1a:0f:0a:ea:a8:62
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received XAuth vendor ID
    Jun 25 13:32:55	charon: 12[IKE] <1> received XAuth vendor ID
    Jun 25 13:32:55	charon: 12[ENC] <1> parsed AGGRESSIVE request 0 [ SA KE No ID V V V V V V V V V V V V V ]
    Jun 25 13:32:55	charon: 12[NET] <1> received packet: from XX.XX.XX.XX[500] to YY.YY.YY.YY[500] (1190 bytes)
    

    We have the following IPSEC Phase 1 configuration:

    Key Exchange version: V1
    Internet Protocol: IPv4
    Interface: YY.YY.YY.YY (WAN-CARP)

    Phase 1 proposal  (Authentication)

    Authentication method: Mutual PSK + Xauth
    Negotiation mode: Aggressive
    My identifier: My IP address
    Peer identifier: User distinguished name - vpn@xxxxx.xxxxx.xxx
    Pre-Shared Key: …..............................................

    Phase 1 proposal (Algorithms)

    Encryption algorithm: AES 256 bit
    Hash algorithm: SHA1
    DH key group: 2 (1024 bit)

    Lifetime: 36000 seconds

    Advanced Options

    Disable Rekey: NO
    Responder Only: NO
    NAT Traversal: Force
    Dead Peer Detection: NO

    Best regards
    yarick123
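    A small log triage helper, added here as an example (it is not from this thread, pfSense or strongSwan): it groups charon lines by IKE_SA number and reports the SAs that hit the "invalid HASH_V1 payload length" failure together with the negotiation mode, remote address and the peer identifier charon matched the config on, which is the first thing to compare against the Phase 1 peer identifier when this error shows up. The sample lines are a constructed subset of the log quoted above.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the charon lines quoted in the post above
# (pfSense writes the log newest-first; the parser does not depend on order).
SAMPLE_LOG = """\
Jun 25 13:32:55\tcharon: 12[IKE] <con4|1>AGGRESSIVE request with message ID 0 processing failed
Jun 25 13:32:55\tcharon: 12[ENC] <con4|1>could not decrypt payloads
Jun 25 13:32:55\tcharon: 12[ENC] <con4|1>invalid HASH_V1 payload length, decryption failed?
Jun 25 13:32:55\tcharon: 12[NET] <con4|1>received packet: from XX.XX.XX.XX[4500] to YY.YY.YY.YY[4500] (108 bytes)
Jun 25 13:32:55\tcharon: 12[CFG] <1> selected peer config "con4"
Jun 25 13:32:55\tcharon: 12[CFG] <1> looking for XAuthInitPSK peer configs matching YY.YY.YY.YY...XX.XX.XX.XX[vpn@xxxxx.xxxxx.xxx]
Jun 25 13:32:55\tcharon: 12[IKE] <1> XX.XX.XX.XX is initiating a Aggressive Mode IKE_SA
"""

# "<con4|1>" is charon's "<connection|IKE_SA number>" tag; before a peer config
# is selected the tag is just "<1>", so the connection part is optional.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+)\tcharon: (?P<thread>\d+)\[(?P<sub>[A-Z]+)\] "
    r"<(?:(?P<conn>[^|>]+)\|)?(?P<sa>\d+)>\s*(?P<msg>.*)$"
)
PEER_RE = re.compile(r"matching (?P<local>\S+?)\.\.\.(?P<remote>[^\[\s]+)\[(?P<id>[^\]]*)\]")
INIT_RE = re.compile(r"^(?P<remote>\S+) is initiating a (?P<mode>Aggressive|Main) Mode IKE_SA")

def triage(log_text):
    """Return {IKE_SA number: summary} for SAs that hit the HASH_V1 decrypt
    failure, including the peer identity the PSK/config lookup was keyed on."""
    sas = defaultdict(lambda: {"conn": None, "remote": None, "peer_id": None,
                               "mode": None, "hash_v1_failure": False, "decrypt_failures": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # not a charon line (or not parsable)
        sa, msg = sas[m["sa"]], m["msg"]
        if m["conn"]:
            sa["conn"] = m["conn"]
        if "invalid HASH_V1 payload length" in msg:
            sa["hash_v1_failure"] = True
        if msg == "could not decrypt payloads":
            sa["decrypt_failures"] += 1
        if (pm := PEER_RE.search(msg)):   # identity charon looked up the config with
            sa["remote"], sa["peer_id"] = pm["remote"], pm["id"]
        if (im := INIT_RE.match(msg)):
            sa["mode"] = im["mode"]
    return {n: s for n, s in sas.items() if s["hash_v1_failure"]}

if __name__ == "__main__":
    for n, s in triage(SAMPLE_LOG).items():
        print(f"IKE_SA {n} ({s['conn']}): {s['mode']} mode from {s['remote']} "
              f"as '{s['peer_id']}', {s['decrypt_failures']} decrypt failure(s)")
```

Run it against a full /var/log/ipsec.log to see whether the failures concentrate on one peer identifier or hit every mobile client, which separates a mismatched identifier or PSK from the version-specific behaviour discussed in this thread.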



  • I'm seeing the same issue with mobile IPSec connections from iOS and OS X that were working with 2.2.2. The client gets a notification "The VPN Shared Secret is incorrect" and the HASH_V1 error pops up in the pfSense logs.

    I have another 2.2.2 installation I can use for my mobile clients and the site-to-site IPSec tunnels are working fine between 2.2.2 and 2.2.3, but nothing I have reconfigured with the 2.2.3 installation works for mobile IPSec.



  • The problem seems to be solved by upgrade 2.2.2 -> 2.2.4.

    Thank you very much!

    Regards
    yarick123



  • Can you really confirm that the behaviour you described is solved by upgrading 2.2.2 -> 2.2.4?

    I tried my slightly different configuration, which was working with 2.1.X versions, and upgraded to 2.2.4.
    But I still get the error "invalid HASH_V1 payload length, decryption failed".

    After that I changed my configuration to exactly what you reported, but I still get the same error …
    Therefore my question: can you really confirm that it is solved for you by updating to 2.2.4?



  • @ocz:

    Can you really confirm that the behaviour you described is solved by upgrading 2.2.2 -> 2.2.4?

    Where the root problem is the same, yes, upgrading will fix it. For any IPsec issues on 2.2.x versions along the lines of what you're seeing, first upgrade to 2.2.4.

    Since you're already there and seeing the same, that's likely a circumstance where the configuration was wrong to begin with, but happened to work. Primarily the situation described here:
    https://doc.pfsense.org/index.php/Upgrade_Guide#Stricter_Phase_1_Identifier_Validation

    You're best off starting a new thread describing what you're doing, what logs you're getting, etc. There are countless possible reasons you can get decryption failed logs, and the circumstance OP described is definitely fine in 2.2.4.