On Wed, 9 Jul 2014, Ben Lentz wrote:
Well, using this information I am certainly a lot closer than ever before! It
looks like I am getting authenticated and the pluto logs are showing the
Cisco-delivered DNS servers and an IP address from the correct client IP pool
is being handed to my machine. However, the IP alias I'm handed is never
added to the interface and the routes are never added. I think I'm still
getting stuck at NO_PROPOSAL_CHOSEN even though it looks to me like 95% of it
is working now.
I'm going to try to keep throwing different combinations at it, but I think I
may have tried them all. Any other ideas?
that sounds like a plan :)
Jul 9 00:16:51 bentz pluto[14906]: "conn" #1: XAUTH: Successfully Authenticated
So ike= is fine.
Jul 9 00:16:51 bentz pluto[14906]: "conn" #2: initiating Quick Mode
PSK+ENCRYPT+TUNNEL+DONTREKEY+UP+MODECFGPULL+AGGRESSIVE+IKEv2ALLOW+SAREFTRACK
{using isakmp#1 msgid:c1b12890 proposal=AES(12)_128-SHA1(2)_160
pfsgroup=no-pfs}
Jul 9 00:16:51 bentz pluto[14906]: "conn" #1: ignoring informational
payload, type NO_PROPOSAL_CHOSEN msgid=00000000
try:
remote_peer_type=cisco
esp=aes-sha1;modp1024
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
