Hello Kushagra, I think you mixed up left and right in your connection definition.
The error message is packet from 192.168.43.62:500: initial Main Mode message received on 192.168.43.212:500 but no connection has been authorized This means that the server side is left=192.168.43.212 whereas you defined left=192.168.43.62 which apparently is the client side. Also if you define rightsourceip=10.0.0.3 then rightsubnet=0.0.0.0/0 is superfluous. Regards Andreas On 05/03/2012 07:40 PM, Kushagra Bhatnagar wrote: > Hello All, > > I am trying to setup the IKEv1 VPN connection with type as IPSEC XAUTH PSK on > android ICS with strongswan server. > > Below is my /etc/ipsec.conf > > conn android > authby=xauthpsk > xauth=server > left=192.168.43.62 > leftsubnet=0.0.0.0/0 > leftnexthop=%defaultroute > leftsourceip=10.0.0.2 > right=%any > rightsubnet=0.0.0.0/0 > rightnexthop=%defaultroute > rightsourceip=10.0.0.3 > pfs=no > auto=add > > below is the snapshot of ipsec.secrets > > 192.168.43.62 192.168.43.212 %any : PSK "whatyouseeiswhatyouget" > > : RSA serverKey.pem > ipsecvpn : XAUTH 0x7365637265743230313200 > > include /var/lib/strongswan/ipsec.secrets.inc > > Note: > Above in ipsec.secrets file, I already provided xauth password in binary > format with NULL terminated for taking care of Android 4 implementation. > > Configured the same settings on client with the same PSK and xauth password. > > After the above settings, when I tried to enable VPN on client, from the > wireshark logs of server, I observe that client is keep on sending Identity > protection (main mode) message to the server but the server is not replying > back. > Upon checking the server logs, I observe following error - "packet from > 192.168.43.62:500: initial Main Mode message received on 192.168.43.212:500 > but no connection has been authorized with policy=XAUTHPSK+XAUTHSERVER". > > Below are the log snippets. > > May 3 13:11:48 Linux pluto[2209]: | preparse_isakmp_policy: peer requests > XAUTHPSK+XAUTHSERVER authentication > May 3 13:11:48 Linux pluto[2209]: packet from 192.168.43.62:500: initial > Main Mode message received on 192.168.43.212:500 but no connection has been > authorized with policy=XAUTHPSK+XAUTHSERVER > May 3 13:11:48 Linux pluto[2209]: | next event EVENT_REINIT_SECRET in 2635 > seconds > > Can somebody please provide some update on the above error. > > Thanks, > -Kushagra ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
