Hello Kavitha,
ipsec listcerts shows
- an end entity certificate for the local peer
CN=169.254.1.70 without a matching private key
- an end entity certificate for the remote peer
CN=169.254.0.70 with a matching private key
Why do you reference the private key of the remote peer
instead
Trying to setup ipsec site to site scenario on two red hat machines. I
get the following error: no acceptable proposal found on both
machines. Can you guys please tell me why I'm getting the following
error.
I jave pasted the configs and logs from both machines.
RH1: ipsec.conf
conn net-net
is it possible to configure Strongswan + IKEv2 using charon as per usual
in roadwarrior mode to specify that the networks to be accessible across
the IKEv2 tunnel are to be ALL networks except the right hand subnet as
it is known to the right side at the point in time of connection? I
connect
Hello Shashi,
ike=3des looks like a very simple proposal. Could it be that some
cryptographic plugins were not correctly loaded during the daemon
startup? Look for any strange entries in the logs.
In order to diagnose the situation could you ramp up the debugging
level on both sides by defining