Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread David H Durgee

Checking the "Request an inner IP address" box did get me further:

Jun 28 14:50:07 Z560 charon-nm: 15[IKE] installing new virtual IP 
10.10.10.2
Jun 28 14:50:07 Z560 charon-nm: 15[CFG] selected proposal: 
ESP:AES_CBC_256/HMAC_SHA1_96/NO_EXT_SEQ
Jun 28 14:50:07 Z560 charon-nm: 15[IKE] CHILD_SA Durgee Enterprises, 
LLC{2} established with SPIs c52f6709_i ce1425eb_o and TS 
10.10.10.2/32 === 0.0.0.0/0

Jun 28 14:50:07 Z560 charon-nm: 15[IKE] peer supports MOBIKE
Jun 28 14:53:34 Z560 charon-nm: 01[IKE] deleting IKE_SA Durgee 
Enterprises, LLC[2] between 
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]
Jun 28 14:53:34 Z560 charon-nm: 01[IKE] sending DELETE for IKE_SA 
Durgee Enterprises, LLC[2]
Jun 28 14:53:34 Z560 charon-nm: 01[ENC] generating INFORMATIONAL 
request 6 [ D ]
Jun 28 14:53:34 Z560 charon-nm: 01[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes)
Jun 28 14:53:34 Z560 charon-nm: 13[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes)
Jun 28 14:53:34 Z560 charon-nm: 13[ENC] parsed INFORMATIONAL response 
6 [ ]

Jun 28 14:53:34 Z560 charon-nm: 13[IKE] IKE_SA deleted


This however appears to be only part of the solution.  I see no tun 
interface created and routing continued to be via the WiFi connection.  
I have attached my current configuration file for the connection from 
/etc/NetworkManager/system-connections as generated via the GUI.  
Hopefully someone can tell me what else I need to change via the GUI.


Thanks in advance.

Dave


Noel Kuntze wrote:  Set "Request an inner IP address".

On 28.06.21 at 15:55, David H Durgee wrote:

Michael Schwartzkopff wrote:

On 28.06.21 15:34, David H Durgee wrote:

Michael Schwartzkopff wrote:

On 28.06.21 13:44, David H Durgee wrote:

I added that package and got further this time:


(...)
Jun 28 07:33:58 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 5 [
AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] authentication of
'durgeeenterprises.publicvm.com' with EAP successful
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] IKE_SA Durgee Enterprises,
LLC[1] established between
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] scheduling rekeying in 35606s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] maximum IKE_SA lifetime 36206s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] received FAILED_CP_REQUIRED
notify, no CHILD_SA built
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] failed to establish CHILD_SA,
keeping IKE_SA

hi,


Your responder (Server) seems to have some kind of configured policy
where the server waits for a configuration request from the client. But
the client does not ask for the config and the server terminates the
connection.

Please see the logs of your server, what exactly is missing. Perhaps the
server wants to hand out an IP address to the client or something else.


Kind regards,


Looking at the log on the server I see:


Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of 'dhdurgee'
with EAP successful
Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of
'durgeeenterprises.publicvm.com' (myself) with EAP
Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee] 


Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee] 


Jun 28 07:33:58 DG41TY charon: 10[IKE] expected a virtual IP request,
sending FAILED_CP_REQUIRED
Jun 28 07:33:58 DG41TY charon: 10[IKE] traffic selectors 0.0.0.0/0
::/0 === 192.168.1.114/32 inacceptable
Jun 28 07:33:58 DG41TY charon: 10[IKE] failed to establish CHILD_SA,
keeping IKE_SA
Jun 28 07:33:58 DG41TY charon: 10[ENC] generating IKE_AUTH response 5
[ AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 DG41TY charon: 10[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (124 bytes)
Jun 28 07:33:58 DG41TY charon: 14[NET] received packet: from
172.58.190.234[59726] to 192.168.80.11[4500] (76 bytes)
Jun 28 07:33:58 DG41TY charon: 14[ENC] parsed INFORMATIONAL request 6
[ D ]
Jun 28 07:33:58 DG41TY charon: 14[IKE] received DELETE for IKE_SA
ikev2-vpn[61]
Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee] 


Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee] 


Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[ENC] generating INFORMATIONAL
response 6 [ ]
Jun 28 07:33:58 DG41TY charon: 14[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (76 bytes)

Looking at my 

Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread Noel Kuntze

Set "Request an inner IP address".

On 28.06.21 at 15:55, David H Durgee wrote:

Michael Schwartzkopff wrote:

On 28.06.21 15:34, David H Durgee wrote:

Michael Schwartzkopff wrote:

On 28.06.21 13:44, David H Durgee wrote:

I added that package and got further this time:


(...)
Jun 28 07:33:58 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 5 [
AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] authentication of
'durgeeenterprises.publicvm.com' with EAP successful
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] IKE_SA Durgee Enterprises,
LLC[1] established between
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] scheduling rekeying in 35606s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] maximum IKE_SA lifetime 36206s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] received FAILED_CP_REQUIRED
notify, no CHILD_SA built
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] failed to establish CHILD_SA,
keeping IKE_SA

hi,


Your responder (Server) seems to have some kind of configured policy
where the server waits for a configuration request from the client. But
the client does not ask for the config and the server terminates the
connection.

Please see the logs of your server, what exactly is missing. Perhaps the
server wants to hand out an IP address to the client or something else.


Kind regards,


Looking at the log on the server I see:


Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of 'dhdurgee'
with EAP successful
Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of
'durgeeenterprises.publicvm.com' (myself) with EAP
Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 10[IKE] expected a virtual IP request,
sending FAILED_CP_REQUIRED
Jun 28 07:33:58 DG41TY charon: 10[IKE] traffic selectors 0.0.0.0/0
::/0 === 192.168.1.114/32 inacceptable
Jun 28 07:33:58 DG41TY charon: 10[IKE] failed to establish CHILD_SA,
keeping IKE_SA
Jun 28 07:33:58 DG41TY charon: 10[ENC] generating IKE_AUTH response 5
[ AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 DG41TY charon: 10[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (124 bytes)
Jun 28 07:33:58 DG41TY charon: 14[NET] received packet: from
172.58.190.234[59726] to 192.168.80.11[4500] (76 bytes)
Jun 28 07:33:58 DG41TY charon: 14[ENC] parsed INFORMATIONAL request 6
[ D ]
Jun 28 07:33:58 DG41TY charon: 14[IKE] received DELETE for IKE_SA
ikev2-vpn[61]
Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[ENC] generating INFORMATIONAL
response 6 [ ]
Jun 28 07:33:58 DG41TY charon: 14[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (76 bytes)

Looking at my settings for the network connection shows IPv4 enabled
expecting an address to be assigned automatically via DHCP with DNS
and Routes set as automatic.  The checkbox for "use this connection
only for resources on its network" is NOT checked.  The page for IPv6
is also set as automatic with the checkbox NOT checked.

On the identity page none of the options are checked.  Options are:

"Request an inner IP address"
"Enforce UDP encapsulation"
"Use IP compression"

All this should be defaults, as I only filled in the name, gateway,
certificate, authentication(EAP), username and password fields.

Dave


I don't know about the manufacturer of your server side, but did you try
to add leftsourceip=%config to your client (initiator) config? Also
%config6 for IPv6 exists. See
https://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp




Kind regards,



I am configuring this client using the strongswan plugin for network manager as 
noted in the subject line.  I have attached the created network connection to 
this post for your inspection.  I guess additional lines could be edited in 
manually if necessary, but now I am wondering if I am posting in the proper 
place.  Is it possible this is a network-manager problem as opposed to 
strongswan?

Dave






Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread Noel Kuntze


--
*From:* Users  on behalf of David H Durgee 

*Sent:* Sunday, June 27, 2021 10:42 pm
*To:* users@lists.strongswan.org
*Subject:* [strongSwan] problem connecting linux laptop to VPN using 
network-manager-strongswan 1.4.5-2.1
I am encountering a problem attempting to access a VPN using strongswan
from my linux laptop.  I have it working from an android phone and
tablet as well as a windows laptop, so I know the server is configured
properly.

The connection appears to start normally and then fails at the EAP
stage.  Log on the linux laptop shows:

> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY
> (id 0x00), sending 'dhdurgee'
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
> Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2
> [ EAP/RES/NAK ]
> Jun 27 17:05:15 Z560 charon-nm: 06[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] received packet: from
> 108.31.28.59[4500] to 192.168.1.114[60298] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 2 [
> EAP/FAIL ]
> Jun 27 17:05:15 Z560 charon-nm: 09[IKE] received EAP_FAILURE, EAP
> authentication failed
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] generating INFORMATIONAL
> request 3 [ N(AUTH_FAILED) ]
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)

While on the server end I see:

> Jun 27 17:05:15 DG41TY charon: 06[CFG] looking for peer configs
> matching 192.168.80.11[%any]...172.58.187.218[dhdurgee]
> Jun 27 17:05:15 DG41TY charon: 06[CFG] selected peer config 'ikev2-vpn'
> Jun 27 17:05:15 DG41TY charon: 06[IKE] initiating EAP_IDENTITY method
> (id 0x00)
> Jun 27 17:05:15 DG41TY charon: 06[IKE] peer supports MOBIKE
> Jun 27 17:05:15 DG41TY charon: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' (myself) with RSA_EMSA_PKCS1_SHA384
> successful
> Jun 27 17:05:15 DG41TY charon: 06[IKE] sending end entity cert "C=US,
> O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com"
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ IDr CERT AUTH EAP/REQ/ID ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] splitting IKE message with
> length of 2092 bytes into 5 fragments
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(1/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(2/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(3/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(4/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(5/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (544 bytes)
> Jun 27 17:05:15 DG41TY charon: message repeated 3 times: [ 06[NET]
> sending packet: from 192.168.80.11[4500] to 172.58.187.218[54591] (544
> bytes)]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (176 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[NET] received packet: from
> 172.58.187.218[54591] to 192.168.80.11[4500] (76 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[ENC] parsed IKE_AUTH request 2 [
> EAP/RES/NAK ]
> Jun 27 17:05:15 DG41TY charon: 05[IKE] received EAP_NAK, sending
> EAP_FAILURE
> Jun 27 17:05:15 DG41TY charon: 05[ENC] generating IKE_AUTH response 2
> [ EAP/FAIL ]
> Jun 27 17:05:15 DG41TY charon: 05[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (76 bytes)

What am I doing wrong here?  I assume I have an error in the linux
client configuration, since android and windows clients work with the
server.  What did I miss?

Dave









Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread Charles Fadipe
According to:

Ubuntu 18.04 VPN Connection fails · Issue #32421 · MicrosoftDocs/azure-docs · 
GitHub<https://github.com/MicrosoftDocs/azure-docs/issues/32421>


there may be additional plugins required to get eap working with strongswan

The very last post suggests


libcharon-extra-plugins libcharon-standard-plugins 
libstrongswan-standard-plugins libstrongswan-extra-plugins


Kind Regards


Charles Fadipe

Junior Penetration and Security Tester
University Information Services

University of Cambridge



From: Users  on behalf of David H Durgee 

Sent: Sunday, June 27, 2021 10:42 pm
To: users@lists.strongswan.org
Subject: [strongSwan] problem connecting linux laptop to VPN using 
network-manager-strongswan 1.4.5-2.1

I am encountering a problem attempting to access a VPN using strongswan
from my linux laptop.  I have it working from an android phone and
tablet as well as a windows laptop, so I know the server is configured
properly.

The connection appears to start normally and then fails at the EAP
stage.  Log on the linux laptop shows:

> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY
> (id 0x00), sending 'dhdurgee'
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
> Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2
> [ EAP/RES/NAK ]
> Jun 27 17:05:15 Z560 charon-nm: 06[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] received packet: from
> 108.31.28.59[4500] to 192.168.1.114[60298] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 2 [
> EAP/FAIL ]
> Jun 27 17:05:15 Z560 charon-nm: 09[IKE] received EAP_FAILURE, EAP
> authentication failed
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] generating INFORMATIONAL
> request 3 [ N(AUTH_FAILED) ]
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)

While on the server end I see:

> Jun 27 17:05:15 DG41TY charon: 06[CFG] looking for peer configs
> matching 192.168.80.11[%any]...172.58.187.218[dhdurgee]
> Jun 27 17:05:15 DG41TY charon: 06[CFG] selected peer config 'ikev2-vpn'
> Jun 27 17:05:15 DG41TY charon: 06[IKE] initiating EAP_IDENTITY method
> (id 0x00)
> Jun 27 17:05:15 DG41TY charon: 06[IKE] peer supports MOBIKE
> Jun 27 17:05:15 DG41TY charon: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' (myself) with RSA_EMSA_PKCS1_SHA384
> successful
> Jun 27 17:05:15 DG41TY charon: 06[IKE] sending end entity cert "C=US,
> O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com"
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ IDr CERT AUTH EAP/REQ/ID ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] splitting IKE message with
> length of 2092 bytes into 5 fragments
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(1/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(2/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(3/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(4/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(5/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (544 bytes)
> Jun 27 17:05:15 DG41TY charon: message repeated 3 times: [ 06[NET]
> sending packet: from 192.168.80.11[4500] to 172.58.187.218[54591] (544
> bytes)]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (176 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[NET] received packet: from
> 172.58.187.218[54591] to 192.168.80.11[4500] (76 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[ENC] parsed IKE_AUTH request 2 [
> EAP/RES/NAK ]
> Jun 27 17:05:15 DG41TY charon: 05[IKE] received EAP_NAK, sending
> EAP_FAILURE
> Jun 27 17:05:15 DG41TY charon: 05[ENC] generating IKE_AUTH response 2
> [ EAP/FAIL ]
> Jun 27 17:05:15 DG41TY charon: 05[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (76 bytes)

What am I doing wrong here?  I assume I have an error in the linux
client configuration, since android and windows clients work with the
server.  What did I miss?

Dave



Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread David H Durgee

Michael Schwartzkopff wrote:

On 28.06.21 15:34, David H Durgee wrote:

Michael Schwartzkopff wrote:

On 28.06.21 13:44, David H Durgee wrote:

I added that package and got further this time:


(...)
Jun 28 07:33:58 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 5 [
AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] authentication of
'durgeeenterprises.publicvm.com' with EAP successful
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] IKE_SA Durgee Enterprises,
LLC[1] established between
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] scheduling rekeying in 35606s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] maximum IKE_SA lifetime 36206s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] received FAILED_CP_REQUIRED
notify, no CHILD_SA built
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] failed to establish CHILD_SA,
keeping IKE_SA

hi,


Your responder (Server) seems to have some kind of configured policy
where the server waits for a configuration request from the client. But
the client does not ask for the config and the server terminates the
connection.

Please see the logs of your server, what exactly is missing. Perhaps the
server wants to hand out an IP address to the client or something else.


Kind regards,


Looking at the log on the server I see:


Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of 'dhdurgee'
with EAP successful
Jun 28 07:33:58 DG41TY charon: 10[IKE] authentication of
'durgeeenterprises.publicvm.com' (myself) with EAP
Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 10[IKE] IKE_SA ikev2-vpn[61]
established between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 10[IKE] expected a virtual IP request,
sending FAILED_CP_REQUIRED
Jun 28 07:33:58 DG41TY charon: 10[IKE] traffic selectors 0.0.0.0/0
::/0 === 192.168.1.114/32 inacceptable
Jun 28 07:33:58 DG41TY charon: 10[IKE] failed to establish CHILD_SA,
keeping IKE_SA
Jun 28 07:33:58 DG41TY charon: 10[ENC] generating IKE_AUTH response 5
[ AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 DG41TY charon: 10[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (124 bytes)
Jun 28 07:33:58 DG41TY charon: 14[NET] received packet: from
172.58.190.234[59726] to 192.168.80.11[4500] (76 bytes)
Jun 28 07:33:58 DG41TY charon: 14[ENC] parsed INFORMATIONAL request 6
[ D ]
Jun 28 07:33:58 DG41TY charon: 14[IKE] received DELETE for IKE_SA
ikev2-vpn[61]
Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 14[IKE] deleting IKE_SA ikev2-vpn[61]
between
192.168.80.11[durgeeenterprises.publicvm.com]...172.58.190.234[dhdurgee]
Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[IKE] IKE_SA deleted
Jun 28 07:33:58 DG41TY charon: 14[ENC] generating INFORMATIONAL
response 6 [ ]
Jun 28 07:33:58 DG41TY charon: 14[NET] sending packet: from
192.168.80.11[4500] to 172.58.190.234[59726] (76 bytes)

Looking at my settings for the network connection shows IPv4 enabled
expecting an address to be assigned automatically via DHCP with DNS
and Routes set as automatic.  The checkbox for "use this connection
only for resources on its network" is NOT checked.  The page for IPv6
is also set as automatic with the checkbox NOT checked.

On the identity page none of the options are checked.  Options are:

"Request an inner IP address"
"Enforce UDP encapsulation"
"Use IP compression"

All this should be defaults, as I only filled in the name, gateway,
certificate, authentication(EAP), username and password fields.

Dave


I don't know about the manufacturer of your server side, but did you try
to add leftsourceip=%config to your client (initiator) config? Also
%config6 for IPv6 exists. See
https://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp




Kind regards,



I am configuring this client using the strongswan plugin for network 
manager as noted in the subject line.  I have attached the created 
network connection to this post for your inspection.  I guess additional 
lines could be edited in manually if necessary, but now I am wondering 
if I am posting in the proper place.  Is it possible this is a 
network-manager problem as opposed to strongswan?


Dave

[connection]
id=Durgee Enterprises, LLC
uuid=79c86094-b6e0-4819-afee-e6e427cdf4c8
type=vpn
autoconnect=false
permissions=user:dhdurgee:;

[vpn]
address=durgeeenterprises.publicvm.com
certificate=/home/dhdurgee/Downloads/vpn_root_certificate.pem
encap=no
ipcomp=no
method=eap
password-flags=1
proposal=no
user=dhdurgee
virtual=no
service-type=org.freedesktop.NetworkManager.strongswan

[ipv4]
dns-search=
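
Added example, not part of any post in this thread and not strongSwan or NetworkManager project code: a Python triage helper that re-joins mail-wrapped charon log lines, matches the two failure signatures discussed in this thread, and cross-checks the connection keyfile. The function names, sample hosts and sample log text are constructed for illustration, and it assumes the keyfile's `virtual` key is what the GUI's "Request an inner IP address" checkbox writes.

```python
import configparser
import re
from typing import NamedTuple, Optional

# Syslog prefix used by the logs in this thread, e.g.
# "Jun 28 07:33:58 Z560 charon-nm: 06[IKE] ..."
STAMP = re.compile(r"^[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d ")
ENTRY = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"charon(?:-nm)?: \d+\[[A-Z]+\] (?P<msg>.*)$"
)

# Signature -> remedy; both come from the replies in this thread.
SIGNATURES = [
    ("eap-identity-missing",
     re.compile(r"EAP_IDENTITY not supported"),
     "install the eap-identity plugin on the client"),
    ("virtual-ip-not-requested",
     re.compile(r"FAILED_CP_REQUIRED|expected a virtual IP request"),
     'set "Request an inner IP address" on the client'),
]
ESTABLISHED = re.compile(r"CHILD_SA .*established")


class Finding(NamedTuple):
    signature: str
    host: str
    timestamp: str
    remedy: str


def unwrap(text: str) -> list[str]:
    """Strip '>' quote markers and join continuation lines onto the
    syslog entry they belong to (mail clients wrap long log lines)."""
    records: list[str] = []
    for raw in text.splitlines():
        line = re.sub(r"^(?:>\s?)+", "", raw).strip()
        if not line:
            continue
        if STAMP.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records


def keyfile_requests_virtual_ip(keyfile_text: str) -> Optional[bool]:
    """True/False for [vpn] virtual=yes/no, None if the key is absent.
    Assumption: 'virtual' mirrors the GUI checkbox."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(keyfile_text)
    if not cp.has_option("vpn", "virtual"):
        return None
    return cp.get("vpn", "virtual").strip().lower() == "yes"


def triage(log_text: str, keyfile_text: Optional[str] = None):
    """Return (findings, child_sa_established) for a charon log excerpt."""
    findings: list[Finding] = []
    seen: set[str] = set()
    child_sa_up = False
    for record in unwrap(log_text):
        m = ENTRY.match(record)
        if not m:
            continue  # e.g. "message repeated 3 times" lines
        msg = m["msg"]
        if ESTABLISHED.search(msg):
            child_sa_up = True
        for name, pattern, remedy in SIGNATURES:
            if name in seen or not pattern.search(msg):
                continue
            seen.add(name)
            if (name == "virtual-ip-not-requested" and keyfile_text is not None
                    and keyfile_requests_virtual_ip(keyfile_text) is False):
                remedy += " (keyfile has virtual=no)"
            findings.append(Finding(name, m["host"], m["ts"], remedy))
    return findings, child_sa_up


# Constructed sample input, modelled on the log format in this thread.
SAMPLE_LOG = """\
> Jun 27 17:05:15 laptop charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
Jun 28 07:33:58 gateway charon: 10[IKE] expected a virtual IP request,
sending FAILED_CP_REQUIRED
Jun 28 07:33:58 laptop charon-nm: 06[IKE] received FAILED_CP_REQUIRED

notify, no CHILD_SA built
"""
SAMPLE_OK = """\
Jun 28 14:50:07 laptop charon-nm: 15[IKE] CHILD_SA example{2} established with SPIs
00000001_i 00000002_o and TS 192.0.2.10/32 === 0.0.0.0/0
"""
SAMPLE_KEYFILE = """\
[connection]
id=example
type=vpn

[vpn]
method=eap
virtual=no
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG, SAMPLE_KEYFILE)[0]:
        print(f"{finding.timestamp} {finding.host}: {finding.signature} -> {finding.remedy}")
```

Feed it log text only; prose pasted between log entries would be joined onto the preceding entry.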

Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread David H Durgee

I added that package and got further this time:

Jun 28 07:33:57 Z560 charon-nm: 13[IKE] server requested EAP_IDENTITY 
(id 0x00), sending 'dhdurgee'
Jun 28 07:33:57 Z560 charon-nm: 13[ENC] generating IKE_AUTH request 2 
[ EAP/RES/ID ]
Jun 28 07:33:57 Z560 charon-nm: 13[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes)
Jun 28 07:33:58 Z560 charon-nm: 15[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (108 bytes)
Jun 28 07:33:58 Z560 charon-nm: 15[ENC] parsed IKE_AUTH response 2 [ 
EAP/REQ/MSCHAPV2 ]
Jun 28 07:33:58 Z560 charon-nm: 15[IKE] server requested EAP_MSCHAPV2 
authentication (id 0xB0)
Jun 28 07:33:58 Z560 charon-nm: 15[ENC] generating IKE_AUTH request 3 
[ EAP/RES/MSCHAPV2 ]
Jun 28 07:33:58 Z560 charon-nm: 15[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (140 bytes)
Jun 28 07:33:58 Z560 charon-nm: 01[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (140 bytes)
Jun 28 07:33:58 Z560 charon-nm: 01[ENC] parsed IKE_AUTH response 3 [ 
EAP/REQ/MSCHAPV2 ]
Jun 28 07:33:58 Z560 charon-nm: 01[IKE] EAP-MS-CHAPv2 succeeded: 
'Welcome2strongSwan'
Jun 28 07:33:58 Z560 charon-nm: 01[ENC] generating IKE_AUTH request 4 
[ EAP/RES/MSCHAPV2 ]
Jun 28 07:33:58 Z560 charon-nm: 01[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes)
Jun 28 07:33:58 Z560 charon-nm: 07[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes)
Jun 28 07:33:58 Z560 charon-nm: 07[ENC] parsed IKE_AUTH response 4 [ 
EAP/SUCC ]
Jun 28 07:33:58 Z560 charon-nm: 07[IKE] EAP method EAP_MSCHAPV2 
succeeded, MSK established
Jun 28 07:33:58 Z560 charon-nm: 07[IKE] authentication of 'dhdurgee' 
(myself) with EAP
Jun 28 07:33:58 Z560 charon-nm: 07[ENC] generating IKE_AUTH request 5 
[ AUTH ]
Jun 28 07:33:58 Z560 charon-nm: 07[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (92 bytes)
Jun 28 07:33:58 Z560 charon-nm: 06[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (124 bytes)
Jun 28 07:33:58 Z560 charon-nm: 06[ENC] parsed IKE_AUTH response 5 [ 
AUTH N(MOBIKE_SUP) N(NO_ADD_ADDR) N(FAIL_CP_REQ) N(TS_UNACCEPT) ]
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] authentication of 
'durgeeenterprises.publicvm.com' with EAP successful
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] IKE_SA Durgee Enterprises, 
LLC[1] established between 
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]

Jun 28 07:33:58 Z560 charon-nm: 06[IKE] scheduling rekeying in 35606s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] maximum IKE_SA lifetime 36206s
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] received FAILED_CP_REQUIRED 
notify, no CHILD_SA built
Jun 28 07:33:58 Z560 charon-nm: 06[IKE] failed to establish CHILD_SA, 
keeping IKE_SA

Jun 28 07:33:58 Z560 charon-nm: 06[IKE] peer supports MOBIKE
Jun 28 07:33:58 Z560 charon-nm: 08[IKE] deleting IKE_SA Durgee 
Enterprises, LLC[1] between 
192.168.1.114[dhdurgee]...108.31.28.59[durgeeenterprises.publicvm.com]
Jun 28 07:33:58 Z560 charon-nm: 08[IKE] sending DELETE for IKE_SA 
Durgee Enterprises, LLC[1]
Jun 28 07:33:58 Z560 charon-nm: 08[ENC] generating INFORMATIONAL 
request 6 [ D ]
Jun 28 07:33:58 Z560 charon-nm: 08[NET] sending packet: from 
192.168.1.114[47031] to 108.31.28.59[4500] (76 bytes)
Jun 28 07:33:58 Z560 charon-nm: 09[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[47031] (76 bytes)
Jun 28 07:33:58 Z560 charon-nm: 09[ENC] parsed INFORMATIONAL response 
6 [ ]

Jun 28 07:33:58 Z560 charon-nm: 09[IKE] IKE_SA deleted


Obviously I am still missing something or have a setting wrong. Any 
suggestions?


Dave


Charles Fadipe wrote:  Hi David,


Please confirm you have strongSwan's eap-mschapv2 plugin installed.

If not, try installing libcharon-extra-plugins on your client.


Kind Regards

Charles Fadipe

Junior Penetration and Security Tester
University Information Services

University of Cambridge



*From:* Users  on behalf of David 
H Durgee 

*Sent:* Sunday, June 27, 2021 10:42 pm
*To:* users@lists.strongswan.org
*Subject:* [strongSwan] problem connecting linux laptop to VPN using 
network-manager-strongswan 1.4.5-2.1

I am encountering a problem attempting to access a VPN using strongswan
from my linux laptop.  I have it working from an android phone and
tablet as well as a windows laptop, so I know the server is configured
properly.

The connection appears to start normally and then fails at the EAP
stage.  Log on the linux laptop shows:

> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY
> (id 0x00), sending 'dhdurgee'
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
> Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_A

Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread Tobias Brunner

Hi David,


Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
sending EAP_NAK


Make sure the eap-identity plugin is installed (see [1]).

Regards,
Tobias

[1] 
https://wiki.strongswan.org/projects/strongswan/wiki/FAQ#Plugin-is-missing


Re: [strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-28 Thread Charles Fadipe
Hi David,


Please confirm you have strongSwan's eap-mschapv2 plugin installed.

If not, try installing libcharon-extra-plugins on your client.

Kind Regards


Charles Fadipe

Junior Penetration and Security Tester
University Information Services

University of Cambridge



From: Users  on behalf of David H Durgee 

Sent: Sunday, June 27, 2021 10:42 pm
To: users@lists.strongswan.org
Subject: [strongSwan] problem connecting linux laptop to VPN using 
network-manager-strongswan 1.4.5-2.1

I am encountering a problem attempting to access a VPN using strongswan
from my linux laptop.  I have it working from an android phone and
tablet as well as a windows laptop, so I know the server is configured
properly.

The connection appears to start normally and then fails at the EAP
stage.  Log on the linux laptop shows:

> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY
> (id 0x00), sending 'dhdurgee'
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
> Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2
> [ EAP/RES/NAK ]
> Jun 27 17:05:15 Z560 charon-nm: 06[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] received packet: from
> 108.31.28.59[4500] to 192.168.1.114[60298] (76 bytes)
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 2 [
> EAP/FAIL ]
> Jun 27 17:05:15 Z560 charon-nm: 09[IKE] received EAP_FAILURE, EAP
> authentication failed
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] generating INFORMATIONAL
> request 3 [ N(AUTH_FAILED) ]
> Jun 27 17:05:15 Z560 charon-nm: 09[NET] sending packet: from
> 192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)

While on the server end I see:

> Jun 27 17:05:15 DG41TY charon: 06[CFG] looking for peer configs
> matching 192.168.80.11[%any]...172.58.187.218[dhdurgee]
> Jun 27 17:05:15 DG41TY charon: 06[CFG] selected peer config 'ikev2-vpn'
> Jun 27 17:05:15 DG41TY charon: 06[IKE] initiating EAP_IDENTITY method
> (id 0x00)
> Jun 27 17:05:15 DG41TY charon: 06[IKE] peer supports MOBIKE
> Jun 27 17:05:15 DG41TY charon: 06[IKE] authentication of
> 'durgeeenterprises.publicvm.com' (myself) with RSA_EMSA_PKCS1_SHA384
> successful
> Jun 27 17:05:15 DG41TY charon: 06[IKE] sending end entity cert "C=US,
> O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com"
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ IDr CERT AUTH EAP/REQ/ID ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] splitting IKE message with
> length of 2092 bytes into 5 fragments
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(1/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(2/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(3/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(4/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1
> [ EF(5/5) ]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (544 bytes)
> Jun 27 17:05:15 DG41TY charon: message repeated 3 times: [ 06[NET]
> sending packet: from 192.168.80.11[4500] to 172.58.187.218[54591] (544
> bytes)]
> Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (176 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[NET] received packet: from
> 172.58.187.218[54591] to 192.168.80.11[4500] (76 bytes)
> Jun 27 17:05:15 DG41TY charon: 05[ENC] parsed IKE_AUTH request 2 [
> EAP/RES/NAK ]
> Jun 27 17:05:15 DG41TY charon: 05[IKE] received EAP_NAK, sending
> EAP_FAILURE
> Jun 27 17:05:15 DG41TY charon: 05[ENC] generating IKE_AUTH response 2
> [ EAP/FAIL ]
> Jun 27 17:05:15 DG41TY charon: 05[NET] sending packet: from
> 192.168.80.11[4500] to 172.58.187.218[54591] (76 bytes)

What am I doing wrong here?  I assume I have an error in the Linux
client configuration, since Android and Windows clients work with the
server.  What did I miss?

Dave



[strongSwan] problem connecting linux laptop to VPN using network-manager-strongswan 1.4.5-2.1

2021-06-27 Thread David H Durgee

I am encountering a problem attempting to access a VPN using strongSwan
from my Linux laptop.  I have it working from an Android phone and
tablet as well as a Windows laptop, so I know the server is configured
properly.

The connection appears to start normally and then fails at the EAP
stage.  Log on the Linux laptop shows:

Jun 27 17:05:15 Z560 charon-nm: 06[IKE] authentication of 
'durgeeenterprises.publicvm.com' with RSA_EMSA_PKCS1_SHA2_384 successful
Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY 
(id 0x00), sending 'dhdurgee'
Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported, 
sending EAP_NAK
Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2 
[ EAP/RES/NAK ]
Jun 27 17:05:15 Z560 charon-nm: 06[NET] sending packet: from 
192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)
Jun 27 17:05:15 Z560 charon-nm: 09[NET] received packet: from 
108.31.28.59[4500] to 192.168.1.114[60298] (76 bytes)
Jun 27 17:05:15 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 2 [ 
EAP/FAIL ]
Jun 27 17:05:15 Z560 charon-nm: 09[IKE] received EAP_FAILURE, EAP 
authentication failed
Jun 27 17:05:15 Z560 charon-nm: 09[ENC] generating INFORMATIONAL 
request 3 [ N(AUTH_FAILED) ]
Jun 27 17:05:15 Z560 charon-nm: 09[NET] sending packet: from 
192.168.1.114[60298] to 108.31.28.59[4500] (76 bytes)


While on the server end I see:

Jun 27 17:05:15 DG41TY charon: 06[CFG] looking for peer configs 
matching 192.168.80.11[%any]...172.58.187.218[dhdurgee]
Jun 27 17:05:15 DG41TY charon: 06[CFG] selected peer config 'ikev2-vpn'
Jun 27 17:05:15 DG41TY charon: 06[IKE] initiating EAP_IDENTITY method 
(id 0x00)
Jun 27 17:05:15 DG41TY charon: 06[IKE] peer supports MOBIKE
Jun 27 17:05:15 DG41TY charon: 06[IKE] authentication of 
'durgeeenterprises.publicvm.com' (myself) with RSA_EMSA_PKCS1_SHA384 
successful
Jun 27 17:05:15 DG41TY charon: 06[IKE] sending end entity cert "C=US, 
O=Durgee Enterprises LLC, CN=durgeeenterprises.publicvm.com"
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ IDr CERT AUTH EAP/REQ/ID ]
Jun 27 17:05:15 DG41TY charon: 06[ENC] splitting IKE message with 
length of 2092 bytes into 5 fragments
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ EF(1/5) ]
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ EF(2/5) ]
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ EF(3/5) ]
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ EF(4/5) ]
Jun 27 17:05:15 DG41TY charon: 06[ENC] generating IKE_AUTH response 1 
[ EF(5/5) ]
Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from 
192.168.80.11[4500] to 172.58.187.218[54591] (544 bytes)
Jun 27 17:05:15 DG41TY charon: message repeated 3 times: [ 06[NET] 
sending packet: from 192.168.80.11[4500] to 172.58.187.218[54591] (544 
bytes)]
Jun 27 17:05:15 DG41TY charon: 06[NET] sending packet: from 
192.168.80.11[4500] to 172.58.187.218[54591] (176 bytes)
Jun 27 17:05:15 DG41TY charon: 05[NET] received packet: from 
172.58.187.218[54591] to 192.168.80.11[4500] (76 bytes)
Jun 27 17:05:15 DG41TY charon: 05[ENC] parsed IKE_AUTH request 2 [ 
EAP/RES/NAK ]
Jun 27 17:05:15 DG41TY charon: 05[IKE] received EAP_NAK, sending 
EAP_FAILURE
Jun 27 17:05:15 DG41TY charon: 05[ENC] generating IKE_AUTH response 2 
[ EAP/FAIL ]
Jun 27 17:05:15 DG41TY charon: 05[NET] sending packet: from 
192.168.80.11[4500] to 172.58.187.218[54591] (76 bytes)

What am I doing wrong here?  I assume I have an error in the Linux
client configuration, since Android and Windows clients work with the
server.  What did I miss?

Dave
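
A triage sketch for logs like the ones in this post, added here as an example and not part of the original message or of strongSwan's own tooling: it rejoins the hard-wrapped syslog lines and reports which EAP method the client NAK'd before EAP_FAILURE arrived. The function names and the record regex are assumptions of this example; the embedded sample is an excerpt of the client log above.

```python
import re

# Excerpt of the client log from the post above, kept with its e-mail hard
# wraps and "> " quote markers, which defeat a line-by-line grep.
SAMPLE = """\
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] server requested EAP_IDENTITY
> (id 0x00), sending 'dhdurgee'
> Jun 27 17:05:15 Z560 charon-nm: 06[IKE] EAP_IDENTITY not supported,
> sending EAP_NAK
> Jun 27 17:05:15 Z560 charon-nm: 06[ENC] generating IKE_AUTH request 2
> [ EAP/RES/NAK ]
> Jun 27 17:05:15 Z560 charon-nm: 09[ENC] parsed IKE_AUTH response 2 [
> EAP/FAIL ]
> Jun 27 17:05:15 Z560 charon-nm: 09[IKE] received EAP_FAILURE, EAP
> authentication failed
"""

# A record starts with: timestamp, host, charon daemon name, thread[subsystem].
HEAD = re.compile(r"^[A-Z][a-z]{2} +\d+ [\d:]{8} (\S+) (charon\S*): (\d+)\[(\w+)\] (.*)$")

def records(text):
    """Rejoin wrapped lines into (host, daemon, thread, subsystem, message)."""
    out = []
    for raw in text.splitlines():
        line = re.sub(r"^(> ?)+", "", raw).strip()   # drop quote markers
        m = HEAD.match(line)
        if m:
            out.append(list(m.groups()))
        elif line and out:
            out[-1][4] += " " + line                 # continuation of previous record
    return [tuple(r) for r in out]

def eap_diagnosis(text):
    """Report the EAP method the client rejected and whether auth then failed."""
    rejected, failed = None, False
    for _host, _daemon, _tid, subsys, msg in records(text):
        if subsys != "IKE":
            continue
        m = re.match(r"(EAP_\w+) not supported, sending EAP_NAK", msg)
        if m:
            rejected = m.group(1)
        elif rejected and "received EAP_FAILURE" in msg:
            failed = True
    return {"rejected_method": rejected, "auth_failed": failed}

if __name__ == "__main__":
    print(eap_diagnosis(SAMPLE))
```
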


