How to Fix “Informational Exchange message must be encrypted”

This is the error you might get while configuring Openswan. As I received this error when I was configuring openswan to connect my sonicwall vpn.

Error:

#1: Informational Exchange message must be encrypted

Solution:

Make sure you have set these parameters in your Sonicwall 
IKE (Phase 1) Proposal
DH Group: Group 5 (not 2)
Encryption: 3DES
Authentication: SHA1
Life Time: 28800

Ipsec (Phase 2) Proposal
Protocol: ESP
Encryption: 3DES
Authentication: SHA1
Check “Enable Perfect Forward Secrecy”
DH Group: Group 5
Life Time (seconds) 28800
Check these parameters in your linux machine
# vi /etc/ipsec.conf
       auth=esp
       esp=3DES-SHA1            # protocol used for authentication in sonicwall
       ike=3DES-SHA1

To view a screenshot of this page on sonicwall click on the following link

To have a look at all the configuration files and steps follow this page:
openswan configuration in Red Hat linux

Follow the below links for more tutorials

Leave a Comment