Hi everyone!, When I'm trying to connect my server using Strongswan Network Manager for linux or Strongswan VPN for Android and I'm getting the following error:
Client logs: Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[NET] received packet: from *.*.*.*[500] to 10.0.2.15[56910] (38 bytes) Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ] Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[IKE] peer didn't accept DH group MODP_2048, it requested MODP_1024 Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[IKE] initiating IKE_SA VPN connection 1[2] to *.*.*.* Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) ] Dec 6 03:59:46 linuxlite-VirtualBox charon-nm: 14[NET] sending packet: from 10.0.2.15[56910] to *.*.*.*[500] (1128 bytes) Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[NET] received packet: from *.*.*.*[500] to 10.0.2.15[56910] (328 bytes) Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ] Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[IKE] local host is behind NAT, sending keep alives Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[IKE] remote host is behind NAT Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[IKE] establishing CHILD_SA VPN connection 1 Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS NBNS) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) ] Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 15[NET] sending packet: from 10.0.2.15[4500] to *.*.*.*[4500] (348 bytes) Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[NET] received packet: from *.*.*.*[4500] to 10.0.2.15[4500] (2028 bytes) Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ] Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[IKE] received end entity cert "C=com, O=myvpn, CN=*.*.*.*" Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[CFG] no issuer certificate found for "C=com, O=myvpn, CN=*.*.*.*" Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[CFG] using trusted certificate "C=com, O=myvpn, CN=*.*.*.*" Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[IKE] signature validation failed, looking for another key Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[CFG] using certificate "C=com, O=myvpn, CN=*.*.*.*" Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[CFG] no issuer certificate found for "C=com, O=myvpn, CN=*.*.*.*" Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[ENC] generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ] Dec 6 03:59:47 linuxlite-VirtualBox charon-nm: 16[NET] sending packet: from 10.0.2.15[4500] to *.*.*.*[4500] (76 bytes) Dec 6 03:59:47 linuxlite-VirtualBox NetworkManager[901]: <warn> [1481025587.1913] vpn-connection[0x134c7e0,115781dc-3a16-4f78-83ac-d2d09d00431b,"VPN connection 1",0]: VPN plugin: failed: connect-failed (1) Dec 6 03:59:47 linuxlite-VirtualBox NetworkManager[901]: <info> [1481025587.1915] vpn-connection[0x134c7e0,115781dc-3a16-4f78-83ac-d2d09d00431b,"VPN connection 1",0]: VPN plugin: state changed: stopped (6) Dec 6 03:59:47 linuxlite-VirtualBox NetworkManager[901]: <info> [1481025587.1920] vpn-connection[0x134c7e0,115781dc-3a16-4f78-83ac-d2d09d00431b,"VPN connection 1",0]: VPN plugin: state change reason: unknown (0) Server Logs: Dec 6 07:24:38 02[MGR] IKE_SA IKEv2-EAP[2] successfully checked out Dec 6 07:24:38 02[NET] <IKEv2-EAP|2> received packet: from *.*.*.*[54942] to *.*.*.*[4500] (76 bytes) Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing body of message, first payload is ENCRYPTED Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> starting parsing a ENCRYPTED payload Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing ENCRYPTED payload, 48 bytes left Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing payload from => 48 bytes @ 0x7f8bac000f70 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 29 00 00 30 DE 8E 7A 8D DB AB 4B 52 BD 02 86 AE )..0..z...KR.... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 3B A4 97 DE 4B DF 54 C3 D8 88 52 E4 39 DE 65 CF ;...K.T...R.9.e. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 32: 93 E7 92 E6 39 2A BE D1 1A 45 8F 81 60 2C D8 CF ....9*...E..`,.. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 0 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 41 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 1 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 2 PAYLOAD_LENGTH Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 48 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 3 CHUNK_DATA Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 44 bytes @ 0x7f8ba0000bb0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: DE 8E 7A 8D DB AB 4B 52 BD 02 86 AE 3B A4 97 DE ..z...KR....;... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 4B DF 54 C3 D8 88 52 E4 39 DE 65 CF 93 E7 92 E6 K.T...R.9.e..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 32: 39 2A BE D1 1A 45 8F 81 60 2C D8 CF 9*...E..`,.. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing ENCRYPTED payload finished Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> verifying payload of type ENCRYPTED Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> ENCRYPTED payload verified, adding to payload list Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> ENCRYPTED payload found, stop parsing Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> process payload of type ENCRYPTED Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> found an encrypted payload Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> encrypted payload decryption: Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> IV => 16 bytes @ 0x7f8ba0000bb0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: DE 8E 7A 8D DB AB 4B 52 BD 02 86 AE 3B A4 97 DE ..z...KR....;... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> encrypted => 28 bytes @ 0x7f8ba0000bc0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 4B DF 54 C3 D8 88 52 E4 39 DE 65 CF 93 E7 92 E6 K.T...R.9.e..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 39 2A BE D1 1A 45 8F 81 60 2C D8 CF 9*...E..`,.. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> ICV => 12 bytes @ 0x7f8ba0000bd0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 39 2A BE D1 1A 45 8F 81 60 2C D8 CF 9*...E..`,.. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> assoc => 32 bytes @ 0x7f8ba0000c10 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C B6 AE 7A 15 F1 16 9C ED ..T+...<..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 2E 20 25 08 00 00 00 02 00 00 00 4C 29 00 00 30 . %........L)..0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> plain => 8 bytes @ 0x7f8ba0000bc0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 08 00 00 00 18 ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> padding => 8 bytes @ 0x7f8ba0000bc8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 57 0A 7D 3A B4 9C DB 07 W.}:.... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing NOTIFY payload, 8 bytes left Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing payload from => 8 bytes @ 0x7f8ba0000bc0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 08 00 00 00 18 ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 0 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 1 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 2 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 3 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 4 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 5 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 6 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 7 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 8 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 9 PAYLOAD_LENGTH Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 10 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 11 SPI_SIZE Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 12 U_INT_16 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 24 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 13 SPI Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 bytes @ (nil) Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing rule 14 CHUNK_DATA Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 bytes @ (nil) Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsing NOTIFY payload finished Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsed content of encrypted payload Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> insert decrypted payload of type NOTIFY at end of list Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> verifying message structure Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> found payload of type NOTIFY Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ] Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> added payload of type NOTIFY to message Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> order payloads in message Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> added payload of type NOTIFY to message Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating INFORMATIONAL response 2 [ N(AUTH_FAILED) ] Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> insert payload NOTIFY into encrypted payload Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating payload of type HEADER Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 0 IKE_SPI Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 8 bytes @ 0x7f8ba0001728 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C ..T+...< Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 1 IKE_SPI Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 8 bytes @ 0x7f8ba0001730 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: B6 AE 7A 15 F1 16 9C ED ..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 2 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 46 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 3 U_INT_4 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 4 U_INT_4 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 5 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 37 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 6 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 7 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 8 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 9 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 10 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 11 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 12 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 13 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 14 U_INT_32 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 4 bytes @ 0x7f8bbfe028c4 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 02 .... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 15 HEADER_LENGTH Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 4 bytes @ 0x7f8bbfe028c4 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 1C .... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating HEADER payload finished Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data for this payload => 28 bytes @ 0x7f8ba0001420 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C B6 AE 7A 15 F1 16 9C ED ..T+...<..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 2E 20 25 20 00 00 00 02 00 00 00 1C . % ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data of this generator => 28 bytes @ 0x7f8ba0001420 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C B6 AE 7A 15 F1 16 9C ED ..T+...<..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 2E 20 25 20 00 00 00 02 00 00 00 1C . % ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating payload of type NOTIFY Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 0 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 1 FLAG Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 2 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 3 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 4 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 5 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 6 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 7 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 8 RESERVED_BIT Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 9 PAYLOAD_LENGTH Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 2 bytes @ 0x7f8bbfe02a54 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 08 .. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 10 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 11 SPI_SIZE Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 12 U_INT_16 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 2 bytes @ 0x7f8bbfe02a54 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 18 .. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 13 SPI Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 bytes @ (nil) Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 14 CHUNK_DATA Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 bytes @ (nil) Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating NOTIFY payload finished Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data for this payload => 8 bytes @ 0x7f8ba0001620 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 08 00 00 00 18 ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data of this generator => 8 bytes @ 0x7f8ba0001620 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 08 00 00 00 18 ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated content in encrypted payload Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> encrypted payload encryption: Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> IV => 16 bytes @ 0x7f8ba0000bb0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: E5 A6 C1 F8 7B 09 D4 DA 88 AE DA 28 A9 EE 97 F6 ....{......(.... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> plain => 8 bytes @ 0x7f8ba0000bc0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 00 00 08 00 00 00 18 ........ Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> padding => 8 bytes @ 0x7f8ba0000bc8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 49 DA 12 EA F7 7F C1 07 I....... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> assoc => 32 bytes @ 0x7f8ba0000c10 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C B6 AE 7A 15 F1 16 9C ED ..T+...<..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 2E 20 25 20 00 00 00 02 00 00 00 4C 29 00 00 30 . % .......L)..0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> encrypted => 16 bytes @ 0x7f8ba0000bc0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 0C A8 F1 88 DB B8 5B 9E 2A F9 34 EE F4 9E 86 C4 ......[.*.4..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> ICV => 12 bytes @ 0x7f8ba0000bd0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 83 6A AE 3D 70 A7 51 4C 10 40 3E E9 .j.=p.QL.@>. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating payload of type ENCRYPTED Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 0 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 41 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 1 U_INT_8 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 2 PAYLOAD_LENGTH Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 2 bytes @ 0x7f8bbfe02af4 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 00 30 .0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating rule 3 CHUNK_DATA Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> => 44 bytes @ 0x7f8ba0000bb0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: E5 A6 C1 F8 7B 09 D4 DA 88 AE DA 28 A9 EE 97 F6 ....{......(.... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 0C A8 F1 88 DB B8 5B 9E 2A F9 34 EE F4 9E 86 C4 ......[.*.4..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 32: 83 6A AE 3D 70 A7 51 4C 10 40 3E E9 .j.=p.QL.@>. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generating ENCRYPTED payload finished Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data for this payload => 48 bytes @ 0x7f8ba000143c Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 29 00 00 30 E5 A6 C1 F8 7B 09 D4 DA 88 AE DA 28 )..0....{......( Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: A9 EE 97 F6 0C A8 F1 88 DB B8 5B 9E 2A F9 34 EE ..........[.*.4. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 32: F4 9E 86 C4 83 6A AE 3D 70 A7 51 4C 10 40 3E E9 .....j.=p.QL.@>. Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> generated data of this generator => 76 bytes @ 0x7f8ba0001420 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 0: 7F C8 54 2B 99 F3 C8 3C B6 AE 7A 15 F1 16 9C ED ..T+...<..z..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 16: 2E 20 25 20 00 00 00 02 00 00 00 4C 29 00 00 30 . % .......L)..0 Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 32: E5 A6 C1 F8 7B 09 D4 DA 88 AE DA 28 A9 EE 97 F6 ....{......(.... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 48: 0C A8 F1 88 DB B8 5B 9E 2A F9 34 EE F4 9E 86 C4 ......[.*.4..... Dec 6 07:24:38 02[ENC] <IKEv2-EAP|2> 64: 83 6A AE 3D 70 A7 51 4C 10 40 3E E9 .j.=p.QL.@>. Dec 6 07:24:38 02[NET] <IKEv2-EAP|2> sending packet: from *.*.*.*[4500] to *.*.*.*[54942] (76 bytes) Dec 6 07:24:38 07[NET] sending packet: from *.*.*.*[4500] to *.*.*.*[54942] Dec 6 07:24:38 02[MGR] <IKEv2-EAP|2> checkin and destroy IKE_SA IKEv2-EAP[2] Dec 6 07:24:38 02[IKE] <IKEv2-EAP|2> IKE_SA IKEv2-EAP[2] state change: CONNECTING => DESTROYING Dec 6 07:24:38 02[MGR] check-in and destroy of IKE_SA successful Dec 6 07:25:08 04[JOB] got event, queuing job for execution Dec 6 07:25:08 04[JOB] no events, waiting Dec 6 07:25:08 01[MGR] checkout IKE_SA Config: # ipsec.conf - strongSwan IPsec configuration file config setup uniqueids=never conn %default keyexchange=ikev2 ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024! esp=aes256-sha256,aes256-sha1,3des-sha1! rekey=no dpdaction=clear dpddelay=300s left=%any leftsubnet=0.0.0.0/0 leftcert=server.cert.pem right=%any rightsourceip=10.31.2.0/24 auto=add conn IKEv2-EAP ike=aes256-sha1-modp1024! esp=aes256-sha1! leftsendcert=always leftauth=pubkey leftid=%any rightsendcert=never rightauth=eap-mschapv2 rightid=%any eap_identity=%identity rekey=no fragmentation=yes strongswan version - 5.5.1 But it works fine under windows 8/10.. Any ideas? _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users