Hello, I am trying to configure a roadwarrior system between Linux Debian and Windows XP.
I configure the gateway like in the example but it give me this error: Mar 26 14:06:51 debian charon: 12[IKE] no trusted RSA public key found for ' [email protected]' Mar 26 14:06:51 debian charon: 12[CFG] no alternative config found Mar 26 14:06:51 debian charon: 12[ENC] generating INFORMATIONAL_V1 request 2480925513 [ HASH N(AUTH_FAILED) ] How can I solve it? Thank you very much. LOG FILE Mar 26 14:06:40 debian charon: 00[DMN] signal of type SIGINT received. Shutting down Mar 26 14:06:43 debian charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.0.2, Linux 2.6.32-5-amd64, x86_64) Mar 26 14:06:43 debian charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts' Mar 26 14:06:43 debian charon: 00[CFG] loaded ca certificate "C=UK, ST=Beds, L=Luton, O=Beds, OU=IT, CN=Beds CA, N=IPSec, [email protected]" from '/etc/ipsec.d/cacerts/ca.crt' Mar 26 14:06:43 debian charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts' Mar 26 14:06:43 debian charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts' Mar 26 14:06:43 debian charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts' Mar 26 14:06:43 debian charon: 00[CFG] loading crls from '/etc/ipsec.d/crls' Mar 26 14:06:43 debian charon: 00[CFG] loading secrets from '/etc/ipsec.secrets' Mar 26 14:06:43 debian charon: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/gateway.key' Mar 26 14:06:43 debian charon: 00[DMN] loaded plugins: charon curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown Mar 26 14:06:43 debian charon: 00[JOB] spawning 16 worker threads Mar 26 14:06:43 debian charon: 08[CFG] received stroke: add connection 'rw' Mar 26 14:06:43 debian charon: 08[CFG] loaded certificate "C=UK, ST=Beds, L=Luton, O=Beds, OU=IT, CN=gateway, N=IPSec, [email protected]" from 'gateway.crt' Mar 26 14:06:43 debian charon: 08[CFG] id 'gw.ipsec.com' not confirmed by certificate, defaulting to 'C=UK, ST=Beds, L=Luton, O=Beds, OU=IT, CN=gateway, N=IPSec, [email protected]' Mar 26 14:06:43 debian charon: 08[CFG] added configuration 'rw' Mar 26 14:06:51 debian charon: 10[NET] received packet: from 172.16.151.141[500] to 172.16.151.100[500] (3756 bytes) Mar 26 14:06:51 debian charon: 10[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V V V V ] Mar 26 14:06:51 debian charon: 10[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID Mar 26 14:06:51 debian charon: 10[ENC] received unknown vendor ID: 16:f6:ca:16:e4:a4:06:6d:83:82:1a:0f:0a:ea:a8:62 Mar 26 14:06:51 debian charon: 10[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Mar 26 14:06:51 debian charon: 10[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID Mar 26 14:06:51 debian charon: 10[IKE] received NAT-T (RFC 3947) vendor ID Mar 26 14:06:51 debian charon: 10[IKE] received FRAGMENTATION vendor ID Mar 26 14:06:51 debian charon: 10[IKE] received DPD vendor ID Mar 26 14:06:51 debian charon: 10[ENC] received unknown vendor ID: f1:4b:94:b7:bf:f1:fe:f0:27:73:b8:c4:9f:ed:ed:26 Mar 26 14:06:51 debian charon: 10[ENC] received unknown vendor ID: 16:6f:93:2d:55:eb:64:d8:e4:df:4f:d3:7e:23:13:f0:d0:fd:84:51 Mar 26 14:06:51 debian charon: 10[ENC] received unknown vendor ID: 84:04:ad:f9:cd:a0:57:60:b2:ca:29:2e:4b:ff:53:7b Mar 26 14:06:51 debian charon: 10[IKE] received Cisco Unity vendor ID Mar 26 14:06:51 debian charon: 10[IKE] 172.16.151.141 is initiating a Main Mode IKE_SA Mar 26 14:06:51 debian charon: 10[ENC] generating ID_PROT response 0 [ SA V V V ] Mar 26 14:06:51 debian charon: 10[NET] sending packet: from 172.16.151.100[500] to 172.16.151.141[500] (140 bytes) Mar 26 14:06:51 debian charon: 11[NET] received packet: from 172.16.151.141[500] to 172.16.151.100[500] (365 bytes) Mar 26 14:06:51 debian charon: 11[ENC] parsed ID_PROT request 0 [ KE No CERTREQ NAT-D NAT-D ] Mar 26 14:06:51 debian charon: 11[IKE] ignoring certificate request without data Mar 26 14:06:51 debian charon: 11[IKE] sending cert request for "C=UK, ST=Beds, L=Luton, O=Beds, OU=IT, CN=Beds CA, N=IPSec, [email protected]" Mar 26 14:06:51 debian charon: 11[ENC] generating ID_PROT response 0 [ KE No CERTREQ NAT-D NAT-D ] Mar 26 14:06:51 debian charon: 11[NET] sending packet: from 172.16.151.100[500] to 172.16.151.141[500] (517 bytes) Mar 26 14:06:51 debian charon: 12[NET] received packet: from 172.16.151.141[500] to 172.16.151.100[500] (1564 bytes) Mar 26 14:06:51 debian charon: 12[ENC] parsed ID_PROT request 0 [ ID CERT SIG ] Mar 26 14:06:51 debian charon: 12[IKE] received end entity cert "C=UK, ST=Beds, L=Luton, O=Beds, OU=IT, CN=client, N=IPSec, [email protected]" Mar 26 14:06:51 debian charon: 12[CFG] looking for RSA signature peer configs matching 172.16.151.100...172.16.151.141[[email protected]] Mar 26 14:06:51 debian charon: 12[CFG] selected peer config "rw" Mar 26 14:06:51 debian charon: 12[IKE] no trusted RSA public key found for ' [email protected]' Mar 26 14:06:51 debian charon: 12[CFG] no alternative config found Mar 26 14:06:51 debian charon: 12[ENC] generating INFORMATIONAL_V1 request 2480925513 [ HASH N(AUTH_FAILED) ] Mar 26 14:06:51 debian charon: 12[NET] sending packet: from 172.16.151.100[500] to 172.16.151.141[500] (92 bytes) Mar 26 14:07:18 debian mpt-statusd: detected non-optimal RAID status -- http://www.2dd.it
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
