Tobias Brunner tobias at strongswan.org
Wed Jun 13 11:05:24 CEST 2018

Hi Marco,

> parsed INFORMATIONAL_V1 request 1775796517 [ HASH N(CRIT) ]
> received UNSUPPORTED_CRITICAL_PAYLOAD error notify

This is a bit misleading as UNSUPPORTED_CRITICAL_PAYLOAD is the IKEv2
meaning/name of notify type 1.  It has a different meaning in IKEv1:
INVALID-PAYLOAD-TYPE.  Why exactly you'd get this as response to a Quick
Mode request I don't know.

Maybe the peer wasn't able to decrypt the message properly, or it didn't
like one of the payloads (e.g. because it was configured not to use PFS
and didn't expect a KE payload).  As strongSwan is the initiator of the
exchange and the peer is a Windows 10 host I'd guess that this is a
rekeying.  So it could also be because it doesn't like being responder
of a rekeying (Windows has/had the same problem with IKEv2 CHILD_SA
rekeyings, see [1]).



More information about the Users mailing list