I am trying to set up an IPsec tunnel between a Zywall 5 and a GNU/Linux
firewall running racoon. I am using pre-shared keys and the phase 1
works fine. According to racoon phase 2 works, too. However I keep
seeing the following error messages:
May 21 20:26:21 linuxfw racoon: ERROR: packet shorter than isakmp header size (0, 3227832247, 28)
I already disabled padding in the racoon.conf since with padding phase 2
wasn't working. Apparently the Zywall has some padding settings that
don't match racoon's defaults. I've never seen "packet shorter than
isakmp header size" before, so does anybody have an idea what this is?
The Zywall in question sits behind a NAT firewall and uses NAT-T. This
works fine to a second Zywall, only the tunnel to racoon has problems.
)\._.,--....,'``. fL Let GNU/Linux work for you while you take a nap.
/, _.. \ _\ (`._ ,. R. Pfeiffer <lynx at luchs.at> + http://web.luchs.at/
`._.-(,_..'--(,_..'`-.;.' - System administration + Consulting + Teaching -
Got mail delivery problems? http://web.luchs.at/information/blockedmail.php