Hello, I’ve been trying to create an IPSec VPN in my OpenBSD computer and every time I connect my Android phone (running StrongSWAN) to the server I get the following errors in the logs (running iked -dvvv):
> ikev2_sa_responder_dh: invalid dh, size 4096 > ikev2_resp_recv: failed to get IKE SA keys My iked.conf is: > ikev2 "base" from any to any \ > peer any \ > ikesa enc aes-256 auth hmac-sha2-512 group modp4096 \ > childsa enc aes-256 auth hmac-sha2-512 group modp4096 \ > config address 192.168.2.0/24 \ > config name-server 192.168.1.254 \ > config access-server 192.168.1.254 I’m using 4096 keys and modp4096 but AFAIK both the server and the cliente support them. I’m not sure where to start troubleshooting the problem and could use some help. Thanks in advance.
