Applies to: Seclore Cloud VPN

Error: AWS tunnel payload decryption was unsuccessful due to invalid Pre-shared Key


AWS tunnel detected a pre-shared key mismatch with cgw: xxxx


  • The same pre-Shared key needs to be configured on both IKE Peers, Seclore AWS, and the customer's end.
  • Kindly get in touch with Seclore Support to get the correct Pre-shared key configured with your VPN tunnels.
  • If you want to generate your custom Pre-shared key, kindly adhere to the supported key policy: "The pre-shared key must have 8–64 characters. Valid characters: A-Z, a-z, 0-9, _ and . (dot) The key cannot begin with a zero." and please share the same with the Seclore Support team.

Other similar issues.

Peer is not responsive - Declaring peer dead (DPD issue)

AWS tunnel received DELETE for Phase 2 SA with SPI: xxxx

Trouble Logging into PS Despite Working VPN

Need more help? 

Contact Seclore Support Chat Live