On 24.01.20 15:14, korsar...@gmail.com wrote: > Hi, > I try to connect strongswan client on Ubuntu 18.04 to the strongswan > server using EAP-PEAP on Windows Network Policy Server, but it doesn't > work. Windows clients connect fine. > > Server logs: > charon: 11[CFG] RADIUS Access-Request timed out after 4 attempts > charon: 11[IKE] EAP method EAP_PEAP failed for peer MyVPNuser > > Client logs: > charon-nm: 06[IKE] EAP-MS-CHAPv2 succeeded: '(null)' > charon-nm: 06[IKE] sending tunneled EAP-PEAP AVP [EAP/RES/MSCHAPV2] > charon-nm: 06[ENC] generating IKE_AUTH request 9 [ EAP/RES/PEAP ] > charon-nm: 06[NET] sending packet: from 192.168.103.95[60160] to > 11.11.11.11[4500] (108 bytes) > charon-nm: 13[NET] received packet: from 11.11.11.11[4500] to > 192.168.103.95[60160] (172 bytes) > charon-nm: 13[ENC] parsed IKE_AUTH response 9 [ EAP/REQ/PEAP ] > charon-nm: 13[IKE] received tunneled EAP-PEAP AVP [EAP/REQ/ID] > charon-nm: 13[IKE] server requested EAP_IDENTITY authentication (id 0x09) > charon-nm: 13[IKE] sending tunneled EAP-PEAP AVP [EAP/RES/ID] > charon-nm: 13[ENC] generating IKE_AUTH request 10 [ EAP/RES/PEAP ] > charon-nm: 13[NET] sending packet: from 192.168.103.95[60160] to > 11.11.11.11[4500] (124 bytes) > charon-nm: 14[IKE] retransmit 1 of request with message ID 10 > charon-nm: 14[NET] sending packet: from 192.168.103.95[60160] to > 11.11.11.11[4500] (124 bytes) > charon-nm: 09[IKE] retransmit 2 of request with message ID 10 > charon-nm: 09[NET] sending packet: from 192.168.103.95[60160] to > 11.11.11.11[4500] (124 bytes) > charon-nm: 10[NET] received packet: from 11.11.11.11[4500] to > 192.168.103.95[60160] (76 bytes) > charon-nm: 10[ENC] parsed IKE_AUTH response 10 [ EAP/FAIL ] > charon-nm: 10[IKE] received EAP_FAILURE, EAP authentication failed > charon-nm: 10[ENC] generating INFORMATIONAL request 11 [ N(AUTH_FAILED) ] > charon-nm: 10[NET] sending packet: from 192.168.103.95[60160] to > 11.11.11.11[4500] (76 bytes) > NetworkManager[723]: <warn> [1579812873.7333] > vpn-connection[0x55c27fae61a0,43409cea-49d3-4cdc-acde-84146d74abe6,"VPN > 1",0]: VPN plugin: failed: connect-failed (1) > NetworkManager[723]: <warn> [1579812873.7334] > vpn-connection[0x55c27fae61a0,43409cea-49d3-4cdc-acde-84146d74abe6,"VPN > 1",0]: VPN plugin: failed: connect-failed (1) > NetworkManager[723]: <info> [1579812873.7336] > vpn-connection[0x55c27fae61a0,43409cea-49d3-4cdc-acde-84146d74abe6,"VPN > 1",0]: VPN plugin: state changed: stopping (5) > NetworkManager[723]: <info> [1579812873.7337] > vpn-connection[0x55c27fae61a0,43409cea-49d3-4cdc-acde-84146d74abe6,"VPN > 1",0]: VPN plugin: state changed: stopped (6) > > May you help me?
the log clearly says "authentication failed" This is handled in the backend RADIUS server. The reason for the failure is hidden in the log files of the RADIUS server. Mit freundlichen Grüßen, -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG,80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief Aufsichtsratsvorsitzender: Florian Kirstein
signature.asc
Description: OpenPGP digital signature
