I recently encountered the following error while attempting to connect to a SonicWall IPsec VPN using strongSwan:

payload type ID_V1 was not encrypted

This issue has been encountered in Chromium OS and subsequently fixed. The fix was upstreamed to strongSwan and included in strongSwan 5.2.0 and later behind the charon.accept_unencrypted_mainmode_messages configuration option. Users encountering the above error may want to include the following in /etc/strongswan.conf:

charon {
    accept_unencrypted_mainmode_messages = yes

On Debian-based distributions this can be accomplished by editing the appropriate line in /etc/strongswan.d/charon.conf.