Hey everyone,
I hope everyone is well and thanks for reading :)
At work we are running an IPSec/IKEv2 VPN that worked fine with Fedora
31 / strongswan 5.7.2 until the maintainers pushed the update to
strongswan 5.8.2. Since then I am unable to establish a connection and I
don't really understa
Hi Philipp,
> Apr 06 16:14:54 linux.fritz.box charon-nm[2251]: 03[IKE] no acceptable
> traffic selectors found
> Apr 06 16:14:54 linux.fritz.box charon-nm[2251]: 03[IKE] failed to
> establish CHILD_SA, keeping IKE_SA
>
> However the "selected proposal:" line didn't change and I was unable to
>
Hi Tobias,
thanks for the quick reply! I increased the log level for cfg to 4, but
I still don't see a problem (aka "error") in the logs:
Apr 06 18:07:49 linux.fritz.box charon-nm[2186]: 14[CFG] selecting proposal:
Apr 06 18:07:49 linux.fritz.box charon-nm[2186]: 14[CFG] proposal matches
Apr 0
Hi Philipp,
> thanks for the quick reply! I increased the log level for cfg to 4, but
> I still don't see a problem (aka "error") in the logs:
Looks like you forgot to check the "Request an inner IP address" box.
Regards,
Tobias
Hi Tobias,
indeed, that solved the problem. Interesting that this wasn't necessary
earlier or on Android.
Anyway, thank you!
Best,
Philipp
Am 06.04.20 um 18:34 schrieb Tobias Brunner:
Hi Philipp,
thanks for the quick reply! I increased the log level for cfg to 4, but
I still don't see a p
Hi All,
I am using the vici plugin to configure strongswan and load and initiate
connection .
I see that we have a global " *initiator_only = yes/no* " configuration in
charon.conf, is it possible to configure this for per connection via vici,
so that the initiator is only responsible for initiati
I've been trying to make a connection between my home PC and the Watchguard
XTM330 we have at the office.
I'll fully admit that I know enough about all of this to be dangerous, and have
muddled my way through things, as best I can, so the connection atleast appears
to be trying to connect
how
