diff --git a/l2tpns.c b/l2tpns.c
index f5ccff9..7938d90 100644
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -4715,6 +4715,7 @@ void processudp(uint8_t *buf, int len, struct sockaddr_in *addr, uint16_t indexu
 					{
 						if (n <= sizeof(authresp))
 						{
+						  memset(authresp, 0, sizeof(authresp));
 							memcpy(authresp, b, n);
 							authrespn = n;
 							LOG(4, s, t, "   Proxy Auth Response\n");
@@ -8619,6 +8620,10 @@ static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vec
 	size_t d = 0;
 	uint16_t m = htons(type);
 
+	// remember first block
+	uint8_t firstcipher[16];
+	memcpy(firstcipher, value, 16);
+
 	// Compute initial pad
 	MD5_Init(&ctx);
 	MD5_Update(&ctx, (unsigned char *) &m, 2);
@@ -8636,7 +8641,7 @@ static void unhide_value(uint8_t *value, size_t len, uint16_t type, uint8_t *vec
 		{
 			MD5_Init(&ctx);
 			MD5_Update(&ctx, config->l2tp_secret, strlen(config->l2tp_secret));
-			MD5_Update(&ctx, last, sizeof(digest));
+			MD5_Update(&ctx, firstcipher, sizeof(digest));
 			MD5_Final(digest, &ctx);
 
 			d = 0;