Hi Tom,
I'm using similar configuration, but without keyingtries. Give it a
chance without this parameter.
And try to set local_addr = 10.17.0.3 in connections.VPN01 due to the
following:
10[CFG] looking for peer configs matching
10.17.0.3[%any]...81.xxx.yyy.zzz[81.xxx.yyy.zzz]
10[CFG] no
I'm trying to setup a connection between a StrongSwan behind NAT and a
directly connected Fortigate but I just can't get the connection up.
This is the relevant config:
# 10.17.0.3 is the private IP of StrongSwan
# 83.aaa.bbb.ccc is the public IP of StrongSwan where port 500 and 4500 are
NAT'd
Ah!!! Ok. Thank you
> On 2 May 2018, at 08:55, Tobias Brunner wrote:
>
> Hi Christian,
>
>> I am trying to re-use settings so that just the certificate is different
>> (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help
>> page [1] should be possible:
Hi Christian,
> I am trying to re-use settings so that just the certificate is different
> (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help
> page [1] should be possible:
No, that's not how this works. What you actually define by adding a
second local* section is a second
Version: strongSwan 5.6.2 using swanctl
I am trying to re-use settings so that just the certificate is different
(vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help page
[1] should be possible:
"connections..local sectionSection for a local authentication
round. A local
I figured out, one of certificate was not loaded. Fixed it and working now.
On Mon, Oct 9, 2017 at 10:36 AM, rajeev nohria wrote:
> I am using swanctl, and having "no matching peer config found" issue.
>
> Please find logs and swanctl.conf in this email.
>
> Thanks,
>
I am using swanctl, and having "no matching peer config found" issue.
Please find logs and swanctl.conf in this email.
Thanks,
Rajeev
9[NET] received packet: from fc00:cada:c402:607::1001[500] to
2017::5002[500] (264 bytes)
09[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP)
Hello,
I'm trying to setup IPSec with strongswan 4.5.1 between a Blade Server and
a KVM on my laptop, both with RHEL6. I'm running into a problem where I
see no matching peer config found in the charon.log. I've seen the
previous posts on this error. But I don't see what I'm doing wrong.
Hi,
I can not find the daemon.log on moon side.
charon by default logs to the DAEMON syslog facility. But it depends on
your syslogger configuration to which file syslogger logs to.
The moon side is Fedora Core 9 Linux.
Our (rather old) Fedora box uses /var/log/daemon.
Regards
Martin
)
Sent: Thursday, August 27, 2009 8:58 AM
To: Martin Willi
Cc: users@lists.strongswan.org
Subject: Re: [strongSwan] no matching peer config found
Martin,
Thanks for your reply.
I tried with the full DN, but still failed :-(
I tried with DN C=CN, ST=Shandong, O=ALU, OU=RD, CN
...@strongswan.org]
Sent: Thursday, August 27, 2009 1:25 PM
To: Zhang, Long (Roger)
Cc: Martin Willi; users@lists.strongswan.org
Subject: Re: [strongSwan] no matching peer config found
Roger,
as Martin mentioned in his previous mail, a stupid bug was introduced
some time back in the strongSwan 4.3
11 matches
Mail list logo