This would be caused by the incorrect use of the passphrase, or the incorrect order of variables in the string that is MD5 hashed to generate the signature.
Although this signature is generated in the same way as the signature on the POST to PayFast, the signature is different as it is generated using the return variables.
Bad access of page
This error is caused either by the notify URL not responding with a 200 OK, or if the valid data security check fails. The valid data security check confirms that the data received by the notify URL matches the data sent by PayFast. You will need to ensure that CURL is enabled on your server and setup to be able to receive external data.
This error is due to the amount sent in the ITN not matching the amount stored in your DB for the transaction in question.
Bad source IP address
This error is caused by the ITN not being received from a specified PayFast source. This is often due to the use of a proxy server.