Scope:
This solution replies to:
- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
Symptoms:
This messages are reported in the "Log" > "<Servername>" > "<Servicename>" > "ike.log":
dropped message from x.x.x.x port 500 due to notification type PAYLOAD_MALFORMEDdropped message from x.x.x.x port 500 due to notification type INVALID_PAYLOAD_TYPE
dropped message from x.x.x.x port 500 due to notification type INVALID_COOKIE
What does it mean?
Solution:
dropped message from x.x.x.x port 500 due to notification type PAYLOAD_MALFORMED
dropped message from x.x.x.x port 500 due to notification type INVALID_PAYLOAD_TYPE
These errors do indicate that the preshared-key does not match on the two peers. The result of this will be that the encrypted fifth main-mode packet will be "incorrectly" decrypted, or decrypted with another key.
dropped message from x.x.x.x port 500 due to notification type INVALID_COOKIE
This error indicate, that the configuration of Phase1 or Phase2 does not match between both peers.
Link to This Page:
https://campus.barracuda.com/solution/50160000000IKbAAAW