Connecting two Drayteks over IPSec

We are currently aiming to connect a Draytek VigorPro 5510 with a Draytek Vigor 3900 using an IPSec tunnel.  The 5510 is the dial out router and the 3900 the dial in.

The configs are as follows:
IKE Phase1 Proposal: AE128 G1
Authentication: SHA1/MD5
Phase2 Proposal 3DES without auth
Auth: All
Perfect forward Secret: Disabled

The error I can see in the Syslog are: Payload malformed and Payload malfornmed after IV

Were stumped on this one and would appreciate some input

Cheers
itd-helpdeskMSPAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
David AtkinConnect With a Mentor Technical DirectorCommented:
According to this:
http://www.thegreenbow.com/support_flow.html?page=121058

The message "Payload Malformed" was received during the IKE exchange. It means the Phase 1 algorithms doesn't match the gateway configuration.

Change the proposal on Phase1 to something else (on both Drayteks) and re-test.

There is a well written article by Draytek for IPSEC VPN Connections - See here:
http://www.draytek.co.uk/support/guides/kb-lantolan-ipsec

You will have to register to view the article.
1
 
itd-helpdeskMSPAuthor Commented:
Thanks for the reply, I definatly have a good way forward from this.

Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.