For the sake of discussion and to rule out misunderstanding, here's my complete
and working ipsec configuration file:
conn L2TP-PSK
pfs=no
auto=add
ikev2=no
ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024
esp=aes256-sha256,aes256-sha1,3des-sha1
authby=secret
type=transport
left=24.196.53.220
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
dpddelay=30
dpdtimeout=120
dpdaction=clear
I tried the suggested esp change:
esp=aes256-sha2_512,aes256-sha1,aes256-sha2_256,3des-sha1
The connection loaded without error, but when I tested with both Windows and
iPhone, the dread message returned:
...no connection has been authorized with policy PSK+IKEV1_ALLOW
I don't have an Android device on hand to test right now, but it would be great to have a
"one-size-fits-all" solution.
(At least for common consumer devices.)
Thanks to all,
-Hugh Sparks
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
