Hi folks, Last week i tryed to connect to my IKEv2/IPsec VPN with a new computer running Windows 8 x64 RTM.
Surprisingly, it didn't manage to setup an authentication due to some IKEv2 error (although it works well on my Windows 7 clients simultaneously). After some analyse of my logs, I noticed a little detail which seems to have some importance : Windows isn't sending the right information to identify the client. Look: Running windows 8 : Sep 10 23:08:38 cerbere charon: 12[IKE] received end entity cert "C=FR, ST=IDF, O=STC Systems, OU=DSI, CN=MY_CN" Sep 10 23:08:38 cerbere charon: 12[CFG] looking for peer configs matching PUBLIC_SERVER_IP[%any]...PUBLIC_CLIENT_IP[172.22.205.45] Running windows 7 : Sep 10 22:52:48 cerbere charon: 13[IKE] received end entity cert "C=FR, ST=IDF, O=STC Systems, OU=DSI, CN=MY_CN, E=MY_MAIL" Sep 10 22:52:48 cerbere charon: 13[CFG] looking for peer configs matching PUBLIC_SERVER_IP[%any]...PUBLIC_CLIENT_IP[C=FR, ST=IDF, O=STC Systems, OU=DSI, CN=MY_CN, E=MY_MAIL] Even if my certs are correctly installed on the client, windows is still sending a private IP adress to the server instead of the client cert signature. Why? I think it's a windows "bug" but i'm more confident in fiding a strongswan's way to get rid of it than waiting for a Microsoft update. Or maybe there's a simple trick around there to make it works. I'm running Stringswan 4.6.2 Charon. I plan to upgrade it to 5.0 when it will be fully available as a Debian packet. Will someone have information about this problem? Thanks in advance, regards. -- *François Lacombe* francois dot lacombe At infos-reseaux dot com <mailto:%66%72%61%6E%63%6F%69%73%2E%6C%61%63%6F%6D%62%65%40%69%6E%66%6F%73%2D%72%65%73%65%61%75%78%2E%63%6F%6D> http://www.infos-reseaux.com _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
