Unable to establish an IPsec PSK Tunnel to the Cloud Secure Web Gateway (Cloud SWG)
Cloud Secure Web Gateway (Cloud SWG)
The pre-shared key (PSK) configured for the Cloud SWG network location does not match the one in the firewall/router VPN IPsec configuration profile.
Make sure that the PSK created in the Cloud portal under Connectivity > Locations is the same as the one used in your firewall IPsec tunnel configuration.
Type the password in manually, since copying and pasting could inadvertently add a blank space.
The log does not print an error stating that this value is mismatched. Instead, these messages are shown:
Log output from the initiator (Router/Firewall):
[ENC] invalid HASH_V1 payload length, decryption failed?
[ENC] could not decrypt payloads
[IKE] message parsing failed
Log output from the responder (Cloud SWG):
[ENC] invalid ID_V1 payload length, decryption failed?
[ENC] could not decrypt payloads
[IKE] message parsing failed
[WSS]Initiator=xx.xx.xx.xx_IP, message parsing failed, sending PLD_MAL
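
Because the logs never name the PSK as the cause, the following added example (not part of the original article or any Cloud SWG tooling) scans log lines for the message sequence quoted above and checks a PSK string for characters a copy/paste can add. The function names, the sample timestamps and the sample PSK are assumptions constructed for illustration.

```python
import re
import unicodedata

# Messages quoted in this article; timestamps in SAMPLE_LOG are constructed.
DECRYPT_FAIL = re.compile(
    r"\[ENC\] invalid (HASH_V1|ID_V1) payload length, decryption failed\?")
FOLLOW_UPS = ("[ENC] could not decrypt payloads", "[IKE] message parsing failed")
SIDE = {"HASH_V1": "initiator (router/firewall)", "ID_V1": "responder (Cloud SWG)"}

SAMPLE_LOG = """\
10:15:02 [ENC] invalid HASH_V1 payload length, decryption failed?
10:15:02 [ENC] could not decrypt payloads
10:15:02 [IKE] message parsing failed
""".splitlines()


def find_psk_mismatch(lines, window=5):
    """Return (line_no, side) for each decryption failure that is followed,
    within `window` lines, by both follow-up messages."""
    hits = []
    for i, line in enumerate(lines):
        m = DECRYPT_FAIL.search(line)
        if not m:
            continue
        tail = lines[i + 1:i + 1 + window]
        if all(any(msg in t for t in tail) for msg in FOLLOW_UPS):
            hits.append((i + 1, SIDE[m.group(1)]))
    return hits


def psk_paste_problems(psk):
    """List characters that copy/paste can add to a PSK without being visible."""
    problems = []
    if psk != psk.strip():
        problems.append("leading or trailing whitespace")
    for pos, ch in enumerate(psk):
        # Control, format (zero-width) and non-ASCII space characters.
        if ch != " " and unicodedata.category(ch) in ("Cc", "Cf", "Zs"):
            problems.append(f"hidden character U+{ord(ch):04X} at index {pos}")
    return problems


if __name__ == "__main__":
    for line_no, side in find_psk_mismatch(SAMPLE_LOG):
        print(f"line {line_no}: likely PSK mismatch, seen from the {side}")
    print(psk_paste_problems("ExamplePSK-123 "))  # constructed PSK with a pasted space
```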