On 13.10.2016 13:01, Oliver Söder wrote:
> Oct 10 14:54:16 Ubuntu-1604-xenial-64-minimal charon: 01[NET] sending packet:
> from 172.31.1.100[500] to 114.219.152.248[56667] (337 bytes)
> Oct 10 14:54:16 Ubuntu-1604-xenial-64-minimal charon: 10[NET] sending packet:
> from 172.31.1.100[500] to 114.2
Hi,
From my personal experience it looks like the other party did not send back a
certificate as requested by this host, or the packet got lost on the network.
IKE packets can be as large as 3,000 bytes, and China's Internet is known to
have Path MTU "black holes" [1].
Please try ECDSA certifi
I set up a IKEv2 server which works fine with clients from Europe.
A connection from China fails, log of an unsuccessful attempt is at the end
of this email.
And please excuse me if the log is too long, it is the first time I set up
such an environment (one week ago).
Can I do some changes at the
