Re: [strongSwan] no matching peer config found

2020-10-02 Thread Volodymyr Litovka
Hi Tom, I'm using similar configuration, but without keyingtries. Give it a chance without this parameter. And try to set local_addr = 10.17.0.3 in connections.VPN01 due to the following: 10[CFG] looking for peer configs matching 10.17.0.3[%any]...81.xxx.yyy.zzz[81.xxx.yyy.zzz] 10[CFG] no

[strongSwan] no matching peer config found

2020-10-02 Thread Tom Cannaerts
I'm trying to setup a connection between a StrongSwan behind NAT and a directly connected Fortigate but I just can't get the connection up. This is the relevant config: # 10.17.0.3 is the private IP of StrongSwan # 83.aaa.bbb.ccc is the public IP of StrongSwan where port 500 and 4500 are NAT'd

Re: [strongSwan] no matching peer config found

2018-05-02 Thread ccsalway
Ah!!! Ok. Thank you > On 2 May 2018, at 08:55, Tobias Brunner wrote: > > Hi Christian, > >> I am trying to re-use settings so that just the certificate is different >> (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help >> page [1] should be possible:

Re: [strongSwan] no matching peer config found

2018-05-02 Thread Tobias Brunner
Hi Christian, > I am trying to re-use settings so that just the certificate is different > (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help > page [1] should be possible: No, that's not how this works. What you actually define by adding a second local* section is a second

[strongSwan] no matching peer config found

2018-05-01 Thread Christian Salway
Version: strongSwan 5.6.2 using swanctl I am trying to re-use settings so that just the certificate is different (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help page [1] should be possible: "connections..local sectionSection for a local authentication round. A local

Re: [strongSwan] no matching peer config found

2017-10-09 Thread rajeev nohria
I figured out, one of certificate was not loaded. Fixed it and working now. On Mon, Oct 9, 2017 at 10:36 AM, rajeev nohria wrote: > I am using swanctl, and having "no matching peer config found" issue. > > Please find logs and swanctl.conf in this email. > > Thanks, >

[strongSwan] no matching peer config found

2017-10-09 Thread rajeev nohria
I am using swanctl, and having "no matching peer config found" issue. Please find logs and swanctl.conf in this email. Thanks, Rajeev 9[NET] received packet: from fc00:cada:c402:607::1001[500] to 2017::5002[500] (264 bytes) 09[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP)

[strongSwan] no matching peer config found

2011-04-03 Thread Terry Hennessy
Hello, I'm trying to setup IPSec with strongswan 4.5.1 between a Blade Server and a KVM on my laptop, both with RHEL6. I'm running into a problem where I see no matching peer config found in the charon.log. I've seen the previous posts on this error. But I don't see what I'm doing wrong.

Re: [strongSwan] no matching peer config found

2009-08-27 Thread Martin Willi
Hi, I can not find the daemon.log on moon side. charon by default logs to the DAEMON syslog facility. But it depends on your syslogger configuration to which file syslogger logs to. The moon side is Fedora Core 9 Linux. Our (rather old) Fedora box uses /var/log/daemon. Regards Martin

Re: [strongSwan] no matching peer config found

2009-08-26 Thread Zhang, Long (Roger)
) Sent: Thursday, August 27, 2009 8:58 AM To: Martin Willi Cc: users@lists.strongswan.org Subject: Re: [strongSwan] no matching peer config found Martin, Thanks for your reply. I tried with the full DN, but still failed :-( I tried with DN C=CN, ST=Shandong, O=ALU, OU=RD, CN

Re: [strongSwan] no matching peer config found

2009-08-26 Thread Zhang, Long (Roger)
...@strongswan.org] Sent: Thursday, August 27, 2009 1:25 PM To: Zhang, Long (Roger) Cc: Martin Willi; users@lists.strongswan.org Subject: Re: [strongSwan] no matching peer config found Roger, as Martin mentioned in his previous mail, a stupid bug was introduced some time back in the strongSwan 4.3