1.) Do you need to stay on 4.5.2? As per my understanding, it is quite old. The latest version is 5.3.0. 2.) Do you have multiple tunnels on this unit with different authentication methods? The examples at https://www.strongswan.org/uml/testresults4/ikev1/rw-psk-ipv4/ show authby in the default connection.
Regards, Randy On Fri, Jun 5, 2015 at 10:07 AM, Alexandre DEPREZ <[email protected]> wrote: > Hi Randy, > > I forgot to mention, i'm using this version: > > Linux strongSwan U4.5.2/K3.2.0-4-amd64 > > Here is it : > > conn tunnel-1 > left=a.a.a.a > right=b.b.b.b > leftsubnet=10.252.243.128/28 > rightsubnet=172.23.149.0/24 > leftsourceip=a.a.a.a > ike=aes256-sha1-modp1024,aes128-sha1-modp1024! > ikelifetime=86400s > dpddelay=15s > dpdtimeout=30s > dpdaction=restart > esp=aes256-sha1! > keylife=3600s > rekeymargin=540s > type=tunnel > authby=secret > pfs=no > compress=no > auto=start > keyingtries=%forever > > I also tried to use > > leftxauthclient=no > rightxauthserver=no > > No changes. > > Thanks > > > > > > On Fri, Jun 5, 2015 at 7:02 PM, Randy Wyatt <[email protected]> wrote: > >> Please send a sanitized version of your configuration. xauth should only >> be sent if you configured it to be sent. >> >> On Fri, Jun 5, 2015 at 9:09 AM, Alexandre DEPREZ <[email protected]> >> wrote: >> >>> Hi, >>> >>> I'm using strongswan only for L2L VPN. >>> >>> It's been some times now, I can not be the initiator of the VPN because >>> strongswan is always sending an XAUTH option in the phase 1 establishment. >>> >>> When the other side is not configured to receive remote user, it's >>> working but when it is, I'm receiving L2TP/IPsec or some other remote >>> access vpn protocols. >>> >>> I can not wait for the other side to send me trafic in order to be the >>> responder. I tried to recompile strongswan removing xauth, but it's not >>> working. >>> >>> Is there any configuration command I can use to force strongswan not to >>> send XAUTH ? >>> >>> Thanks >>> >>> Alex >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> https://lists.strongswan.org/mailman/listinfo/users >>> >> >> >> >> -- >> Randy W. Wyatt >> [email protected] >> Home: 858-309-5303 >> Cell: 858-598-4421 >> Fax: 858-408-7554 >> > > -- Randy W. Wyatt [email protected] Home: 858-309-5303 Cell: 858-598-4421 Fax: 858-408-7554
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
