I recently encountered the following error while attempting to connect to a SonicWall IPsec VPN using strongSwan:
payload type ID_V1 was not encrypted
This issue has been encountered in Chromium OS and
subsequently fixed. The
fix was upstreamed to
strongSwan
and included in strongSwan 5.2.0 and later behind the
charon.accept_unencrypted_mainmode_messages configuration option. Users
encountering the above error may want to include the following in
/etc/strongswan.conf:
charon {
accept_unencrypted_mainmode_messages = yes
}
On Debian-based distributions this can be accomplished by editing the
appropriate line in /etc/strongswan.d/charon.conf.
