Online Support

You are trying to open a VPN tunnel and you are experiencing the following error:

Error VPN088: "Payload Malformed" (Phase 1 Algorithm mismatch).

The message "Payload Malformed" was received during the IKE exchange. It means the Phase 1 algorithms doesn't match the gateway configuration.

Note: this message may also be received on various values mismatches, thus it is useful you check the whole VPN configuration.

Console message example:
20090429 114920 Default (SA Cnx-P1) SEND phase 1 Main Mode [SA][VID]
20090429 114920 Default (SA Cnx-P1) RECV phase 1 Main Mode [NOTIFY]
20090429 114920 Default exchange_run: exchange_validate failed
20090429 114920 Default dropped message from port 500 due to notification type PAYLOAD_MALFORMED
20090429 114920 Default SEND Informational [NOTIFY] with PAYLOAD_MALFORMED error

You may:
  • Check the VPN Client Phase 1 algorithms to be consistent with the gateway (or peer) Phase 1 algorithms.
  • Check the IP address range.
  • Check the Local and remote IDs.
    Warning: the local ID on the router is the remote ID on the VPN Client and conversely !
  • Check the PFS to be activated or not on both peers (Client and Router).
  • Restart the router.