Axel, just another idea: maybe your peer and charon don't have the same understanding of the key exchange and derive a different shared secret. Hence the failure with the first encrypted packet. Can you initiate the tunnel from the other side? If you set the log facility enc to level 4 ([1]) you should see some helpful information in your log (with a debug version you can even see the keys!).
Cheers,
Thomas

[1] 'stroke loglevel enc 4'

_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
