Connecting two Drayteks over IPSec

We are currently aiming to connect a Draytek VigorPro 5510 with a Draytek Vigor 3900 using an IPSec tunnel.  The 5510 is the dial out router and the 3900 the dial in.

The configs are as follows:
IKE Phase1 Proposal: AE128 G1
Authentication: SHA1/MD5
Phase2 Proposal 3DES without auth
Auth: All
Perfect forward Secret: Disabled

The error I can see in the Syslog are: Payload malformed and Payload malfornmed after IV

Were stumped on this one and would appreciate some input

Who is Participating?
David AtkinTechnical DirectorCommented:
According to this:

The message "Payload Malformed" was received during the IKE exchange. It means the Phase 1 algorithms doesn't match the gateway configuration.

Change the proposal on Phase1 to something else (on both Drayteks) and re-test.

There is a well written article by Draytek for IPSEC VPN Connections - See here:

You will have to register to view the article.
itd-helpdeskMSPAuthor Commented:
Thanks for the reply, I definatly have a good way forward from this.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.