my ipsec.conf
config setup
crlcheckinterval=180
nat_traversal=yes
charonstart=yes
strictcrlpolicy=no
plutostart=no
conn %default
ikelifetime=60m
keylife=20m
keyexchange=ikev2
rekeymargin=3m
keyingtries=1
left=167.22.15.11
leftnexthop=167.22.15.1
leftcert=no2.crt
left...@test
leftsourceip=10.3.0.1
leftsubnet=0.0.0.0/0
right=%any
rightsourceip=10.3.0.2
rightsubnet=10.3.0.0/24
auto=start
strongswan.conf
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac
xcbc stroke kernel-netlink updown
}
libstrongswan {
}
ipsec.secrets
: RSA no2.key
---------------------------------------------------------
ipsec statusall:
ipsec statusall
Status of IKEv2 charon daemon (strongSwan 4.3.6dr5):
uptime: 105 seconds, since Jan 06 14:08:19 2010
worker threads: 9 idle of 16, job queue load: 0, scheduled events: 0
loaded plugins: curl aes des sha1 sha2 md5 fips-prf random x509
pubkey pkcs1 pgp dnskey pem sqlite xcbc hmac gmp kernel-netlink stroke
updown attr resolve
Listening IP addresses:
167.22.15.11
10.0.0.1
Connections:
Security Associations:
none
vpn clients:
Initializing the connection using certificate "no1"
Contacting the security gateway at 167.22.15.11...
Secure VPN Connection terminated locally by the Client.
Reason 412: The remote peer is no longer responding.
Connection terminated on: Jan 6, 2010 22:41:52 Duration: 0
day(s), 00:00.00
Not connected.
--------------------------
Thanks for everyone's reply.
On Wed, Jan 6, 2010 at 9:38 PM, Daniel Mentz
<[email protected]> wrote:
> Kalaj wrote:
>>
>> just want to use Cisco VPN client to connect Strongswan but failed.
>> Used x509 authentication and enable --cisco-quirks , maybe I made a
>> wrong certs or wrong conf,
>> can you guys give me some advices? Thanks.
>
> Please provide more details that enable troubleshooting: log files and the
> exact error message you get from Ciscos VPN client.
>
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
