More information: The customer uses Mcafee Stonesoft. Phase 1 main auth hmac-md5 enc 3des group modp1024 lifetime 86400
Phase 2 quick auth hmac-md5 enc 3des group modp1024 lifetime 3600 psk xxxx Errors in the messages Sep 20 17:25:09 gw isakmpd[14702]: message_recv: cleartext phase 2 message Sep 20 17:25:09 gw isakmpd[14702]: dropped message from ip_client port 500 due to notification type INVALID_FLAGS Sep 20 17:25:16 gw isakmpd[14702]: message_recv: invalid cookie(s) 385f90768ec871e1 928fe1b941afcfe4 Sep 20 17:25:16 gw isakmpd[14702]: dropped message from ip_client port 500 due to notification type INVALID_COOKIE Sep 20 17:25:25 gw isakmpd[14702]: message_recv: invalid cookie(s) 385f90768ec871e1 059208ff39accc6d Sep 20 17:25:25 gw isakmpd[14702]: dropped message from ip_client port 500 due to notification type INVALID_COOKIE Sep 20 17:25:36 gw isakmpd[14702]: transport_send_messages: giving up on exchange peer-ip_client, no response from peer ip_client:500 2017-09-18 11:30 GMT-03:00 Christiano Liberato <christianoliber...@gmail.com >: > Hi, > > I've been trying for days to close a tunnel with a client and I can not. > Logs always appear: > > message_recv: cleartext phase 2 message > dropped message from ipcliente port 500 due to notification type > INVALID_FLAGS > transport_send_messages: giving up on exchange peer-ipcliente, no response > from peer ipcliente:500 > > I've been looking for a lot on the internet and so far no solution. Just > ask to restart the tunnel on both sides. > On my side, I use openbsd 6.1. > Has anyone seen this error? > > Thanks!! >
