Hello,
i have a problem. My Strongswan Linux strongSwan U5.1.2/K3.13.0-71-generic.
Ubuntu 12.04.
I have a net2net connection. My VPN Server with 20 Fritzboxes.
The compounds were automatically started. Now I get this error message, and the
connections do not start automatically.
I start the connection manually with ipsec up name it works. Automatically, I
get the error message.
syslog
Dec 3 06:36:55 s17338927 charon: 01[ENC] generating INFORMATIONAL_V1 request
3914028965 [ HASH N(AUTH_FAILED) ]
Dec 3 06:36:55 s17338927 charon: 01[NET] sending packet: from VPNSRVIP[500] to
91.xxx.xxx.137[500] (92 bytes)
Dec 3 06:36:55 s17338927 charon: 14[NET] received packet: from
87.xxx.xxx.8[500] to VPNSRVIP[500] (124 bytes)
Dec 3 06:36:55 s17338927 charon: 14[ENC] parsed ID_PROT request 0 [ ID HASH
N(INITIAL_CONTACT) ]
Dec 3 06:36:55 s17338927 charon: 14[CFG] looking for pre-shared key peer
configs matching VPNSRVIP...87.xxx.xxx.8[xxxxxxxxxxx.myfritz.net]
Dec 3 06:36:55 s17338927 charon: 14[IKE] no peer config found
Dec 3 06:36:55 s17338927 charon: 14[ENC] generating INFORMATIONAL_V1 request
4096300844 [ HASH N(AUTH_FAILED) ]
Dec 3 06:36:55 s17338927 charon: 14[NET] sending packet: from VPNSRVIP[500] to
87.xxx.xxx.8[500] (92 bytes)
Dec 3 06:36:55 s17338927 charon: 12[NET] received packet: from fritzboxip[500]
to VPNSRVIP[500] (416 bytes)
Dec 3 06:36:55 s17338927 charon: 12[ENC] parsed ID_PROT request 0 [ SA V V ]
Dec 3 06:36:55 s17338927 charon: 12[IKE] received XAuth vendor ID
Dec 3 06:36:55 s17338927 charon: 12[IKE] received DPD vendor ID
Dec 3 06:36:55 s17338927 charon: 12[IKE] 79.xxx.xxx.2 is initiating a Main
Mode IKE_SA
Dec 3 06:36:55 s17338927 charon: 12[ENC] generating ID_PROT response 0 [ SA V
V ]
Dec 3 06:36:55 s17338927 charon: 12[NET] sending packet: from VPNSRVIP[500] to
79.xxx.xxx.2[500] (116 bytes)
Dec 3 06:36:56 s17338927 charon: 15[NET] received packet: from
83.xxx.xxx.170[500] to VPNSRVIP[500] (476 bytes)
Dec 3 06:36:56 s17338927 charon: 15[ENC] parsed ID_PROT request 0 [ SA V V V V
V ]
Dec 3 06:36:56 s17338927 charon: 15[IKE] received XAuth vendor ID
Dec 3 06:36:56 s17338927 charon: 15[IKE] received DPD vendor ID
Dec 3 06:36:56 s17338927 charon: 15[IKE] received NAT-T (RFC 3947) vendor ID
Dec 3 06:36:56 s17338927 charon: 15[IKE] received
draft-ietf-ipsec-nat-t-ike-03 vendor ID
Dec 3 06:36:56 s17338927 charon: 15[ENC] received unknown vendor ID:
a2:22:6f:c3:64:50:0f:56:34:ff:77:db:3b:74:f4:1b
Ipsec.conf
conn name
left=vpnserverip
leftsubnet=10.254.254.0/24
#
ike=aes256-sha-modp1024
esp=aes192-sha1-modp1024
#
right=%any
[email protected]
rightsubnet=10.1.1.0/24
#
ikelifetime=4h
keylife=1h
#
authby=secret
auto=start
ipsec.secrets
# PSK
vpnserverip intern : PSK "yxxxxxxxxx"
# ServerHostkey
: RSA ServerHostKey.pem
it worked. Now it suddenly stopped working.
Mit freundlichen Grüßen aus Gladbeck
-------------------------------
Marc Müller
_______________________________________________
APITSolutions
Andreas Patzelt IT Solutions
Krusenkamp 24
45964 Gladbeck
Telefon: 02043 / 9357169
Fax: 02043 / 9350639
E-Mail: [email protected]<mailto:[email protected]>
Web: http://apit-solutions.de
USt-IdNr.: DE273467836
Geschäftsführung und Verantwortlichkeit:
Andreas Patzelt
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
