Hi I am tring to connect StrongSwan android app to the server. my server reside in AWS EC2. I have opened the Amazon firewall, but i am keep getting NO_PROPOSAL_CHOSEN, which means i have something wrong in ipsec.conf
$ tail /var/log/syslog Feb 1 10:24:30 myEC2server charon: 10[CFG] added configuration 'rw-carol' Feb 1 10:24:55 myEC2server charon: 11[NET] received packet: from 80.47.xxx.xxx[47170] to 10.206.xxx.xxx[500] (660 bytes) Feb 1 10:24:55 myEC2server charon: 11[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Feb 1 10:24:55 myEC2server charon: 11[IKE] no IKE config found for 10.206.xxx.xxx...80.47.xxx.xxx, sending NO_PROPOSAL_CHOSEN Feb 1 10:24:55 myEC2server charon: 11[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ] Feb 1 10:24:55 myEC2server charon: 11[NET] sending packet: from 10.206.xxx.xxx[500] to 80.47.xxx.xxx[47170] (36 bytes) $ cat /etc/ipsec.conf # /etc/ipsec.conf - strongSwan IPsec configuration file config setup conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev2 left=107.22.xxx.xxx leftsubnet=0.0.0.0/0 leftcert=certificate.der leftid=107.22.xxx.xxx leftfirewall=yes conn rw-carol right=%any rightsourceip=10.3.0.0/28 rightcert=clientCer.der rightauth = pubkey auto=add this is my external ip : 107.22.xxx.xxx in android app i am trying to connect with IKEv2 Certificate. I have installed the .pfx in server and in the android app. please help to understand the problem of my configuration. Best Mohsen
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
