What does ipsec statusall show? Have you looked at the WiKi? https://www.strongswan.org/uml/testresults/ikev2/net2net-psk/
or are you trying to authenticate with the Windows Agile Client? Regards, Randy On Thu, Jul 16, 2015 at 6:56 PM, Aaron <[email protected]> wrote: > Hmm well I thought I already tried something like this which is what I > think you're referring to? > 10.1.0.1 10.2.0.1: PSK "secret shared by two hosts" > But I may have tried only a unique PSK for each host ? > On Jul 16, 2015 5:44 PM, "Randy Wyatt" <[email protected]> wrote: > >> look deeply into your ipsec.secrets >> >> On Thu, Jul 16, 2015 at 5:21 PM, Aaron <[email protected]> wrote: >> >>> Thanks. Here is the right side and left side. >>> I notice on the left side it has this error. " no IKE config found for >>> 10.100.1.20...10.100.1.131, sending NO_PROPOSAL_CHOSEN" >>> >>> #rightside >>> Jul 17 00:14:06 vpn02 charon: 00[CFG] loading attribute certificates >>> from '/etc/strongswan/ipsec.d/acerts' >>> Jul 17 00:14:06 vpn02 charon: 00[CFG] loading crls from >>> '/etc/strongswan/ipsec.d/crls' >>> Jul 17 00:14:06 vpn02 charon: 00[CFG] loading secrets from >>> '/etc/strongswan/ipsec.secrets' >>> Jul 17 00:14:06 vpn02 charon: 00[CFG] loaded IKE secret for %any >>> Jul 17 00:14:06 vpn02 charon: 00[LIB] loaded plugins: charon curl aes >>> des rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints acert >>> pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp xcbc >>> cmac hmac attr kernel-netlink resolve socket-default farp stroke vici >>> updown eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls eap-peap >>> xauth-generic xauth-eap xauth-pam xauth-noauth dhcp >>> Jul 17 00:14:06 vpn02 charon: 00[LIB] unable to load 3 plugin features >>> (3 due to unmet dependencies) >>> Jul 17 00:14:06 vpn02 charon: 00[JOB] spawning 16 worker threads >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] stroke message => 750 bytes @ >>> 0x7f6e00000b00 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 0: EE 02 00 00 03 00 00 00 FF >>> FF FF FF 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 16: 90 02 00 00 00 00 00 00 02 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 32: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 48: 00 00 00 00 00 00 00 00 02 >>> 00 00 00 40 00 00 00 ............@... >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 64: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 80: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 96: 00 00 00 00 01 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 112: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 01 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 128: 93 02 00 00 00 00 00 00 A8 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 144: 00 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 160: B0 04 00 00 00 00 00 00 10 >>> 0E 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 176: B4 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 192: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 208: 00 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 224: 64 00 00 00 00 00 00 00 1E >>> 00 00 00 00 00 00 00 d............... >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 240: 96 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 256: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 272: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 288: 00 00 00 00 00 00 00 00 B4 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 304: 00 00 00 00 00 00 00 00 B8 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 320: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 336: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 352: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 368: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 384: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 400: 00 00 00 00 00 00 00 00 C4 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 416: F4 01 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 432: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 448: 01 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 464: 00 00 00 00 FF FF 00 00 D0 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 480: 00 00 00 00 00 00 00 00 D4 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 496: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 512: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 528: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 544: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 560: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 576: 00 00 00 00 00 00 00 00 E1 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 592: F4 01 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 608: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 624: 01 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 640: 00 00 00 00 FF FF 00 00 FF >>> FF FF FF 00 00 00 00 ................ >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 656: 72 77 00 61 65 73 31 32 38 >>> 2D 73 68 61 31 2D 6D rw.aes128-sha1-m >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 672: 6F 64 70 31 30 32 34 00 61 >>> 65 73 31 32 38 2D 73 odp1024.aes128-s >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 688: 68 61 31 00 70 73 6B 00 31 >>> 30 2E 31 30 30 2E 31 ha1.psk.10.100.1 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 704: 2E 32 30 00 31 30 2E 31 30 >>> 30 2E 31 2E 32 30 00 .20.10.100.1.20. >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 720: 70 73 6B 00 31 30 2E 31 30 >>> 30 2E 31 2E 31 33 31 psk.10.100.1.131 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] 736: 00 31 30 2E 31 30 30 2E 31 >>> 2E 31 33 31 00 .10.100.1.131. >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] received stroke: add connection >>> 'rw' >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] conn rw >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] left=10.100.1.20 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] leftauth=psk >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] leftid=10.100.1.20 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] right=10.100.1.131 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] rightauth=psk >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] rightid=10.100.1.131 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] ike=aes128-sha1-modp1024 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] esp=aes128-sha1 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] dpddelay=30 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] dpdtimeout=150 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] mediation=no >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] keyexchange=ikev2 >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] left is other host, swapping ends >>> Jul 17 00:14:06 vpn02 charon: 08[CFG] added configuration 'rw' >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] stroke message => 659 bytes @ >>> 0x7f6dec000a90 >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 0: 93 02 00 00 00 00 00 00 01 >>> 00 00 00 FF 7F 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 16: 90 02 00 00 00 00 00 00 30 >>> E8 1F FE FF 7F 00 00 ........0....... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 32: F0 E1 1F FE FF 7F 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 48: 80 9E A7 B0 3C 7F 00 00 D4 >>> 94 A6 B0 3C 7F 00 00 ....<.......<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 64: 00 00 00 D6 3F FC FF FF 00 >>> 00 00 00 00 00 00 00 ....?........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 80: 30 E2 1F FE FE FF FF FF C8 >>> 00 00 00 00 00 00 00 0............... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 96: 02 00 00 00 3C 7F 00 00 F0 >>> E1 1F FE FF 7F 00 00 ....<........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 112: 50 77 87 00 00 00 00 00 C7 >>> 00 00 00 00 00 00 00 Pw.............. >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 128: 30 E8 1F FE FF 7F 00 00 0D >>> 00 04 00 02 00 00 00 0............... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 144: 03 00 00 00 00 00 00 00 90 >>> EA 1F FE 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 160: 00 EA 1F FE FF 7F 00 00 F0 >>> E9 1F FE FF 7F 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 176: E0 E9 1F FE FF 7F 00 00 C8 >>> E9 1F FE FF 7F 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 192: D8 E9 1F FE FF 7F 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 208: 00 EB 1F FE FF 7F 00 00 06 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 224: 18 5B EA B0 3C 7F 00 00 C6 >>> BE C9 B0 3C 7F 00 00 .[..<.......<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 240: F0 86 88 00 00 00 00 00 D0 >>> 86 88 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 256: F0 86 88 00 00 00 00 00 F0 >>> 86 88 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 272: F0 86 88 00 00 00 00 00 E0 >>> 68 88 00 00 00 00 00 .........h...... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 288: E0 68 88 00 00 00 00 00 30 >>> 84 88 00 00 00 00 00 .h......0....... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 304: 50 84 88 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 P............... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 320: 20 E3 1F FE FF 7F 00 00 75 >>> D0 07 B0 3C 7F 00 00 .......u...<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 336: 00 50 EA B0 3C 7F 00 00 00 >>> 00 E0 C3 3F FC FF FF .P..<.......?... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 352: 00 00 36 A3 93 61 79 FE 00 >>> 00 00 00 00 00 00 00 ..6..ay......... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 368: E8 D6 EA B0 3C 7F 00 00 03 >>> 00 00 00 3C 7F 00 00 ....<.......<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 384: 00 00 00 00 01 00 00 00 58 >>> E6 1F 01 00 00 00 00 ........X....... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 400: 00 00 00 00 3C 7F 00 00 0E >>> 00 00 00 00 00 00 00 ....<........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 416: E0 E2 1F FE FF 7F 00 00 90 >>> EA 1F FE FF 7F 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 432: 00 EB 1F FE FF 7F 00 00 02 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 448: 20 00 00 00 30 00 00 00 80 >>> EA 1F FE FF 7F 00 00 ...0........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 464: B0 E9 1F FE FF 7F 00 00 D2 >>> B2 C9 B0 3C 7F 00 00 ............<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 480: 00 00 00 00 00 00 00 00 B6 >>> D1 C9 B0 3C 7F 00 00 ............<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 496: D8 FF EA B0 3C 7F 00 00 30 >>> 0F 29 B0 3C 7F 00 00 ....<...0.).<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 512: 00 EB 1F FE FF 7F 00 00 9E >>> BA C9 B0 3C 7F 00 00 ............<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 528: 00 60 EA B0 3C 7F 00 00 98 >>> F9 EA B0 3C 7F 00 00 .`..<.......<... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 544: 20 00 00 00 30 00 00 00 80 >>> EA 1F FE FF 7F 00 00 ...0........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 560: 20 00 00 00 30 00 00 00 F0 >>> EA 1F FE FF 7F 00 00 ...0........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 576: 20 EA 1F FE FF 7F 00 00 00 >>> 79 87 00 00 00 00 00 ........y...... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 592: 28 00 00 00 30 00 00 00 D0 >>> E6 1F FE FF 7F 00 00 (...0........... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 608: 10 E6 1F FE FF 7F 00 00 00 >>> 79 87 00 00 00 00 00 .........y...... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 624: C0 E6 1F FE FF 7F 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 640: 20 00 00 00 30 00 00 00 40 >>> EB 1F FE FF 7F 00 00 ...0...@....... >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] 656: 72 77 >>> 00 rw. >>> Jul 17 00:14:24 vpn02 charon: 12[CFG] received stroke: initiate 'rw' >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_VENDOR task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_INIT task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_NATD task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_CERT_PRE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_AUTH task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_CERT_POST task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_CONFIG task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_AUTH_LIFETIME task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing IKE_MOBIKE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] queueing CHILD_CREATE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating new tasks >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_VENDOR task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_INIT task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_NATD task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_CERT_PRE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_AUTH task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_CERT_POST task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_CONFIG task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating CHILD_CREATE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_AUTH_LIFETIME task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] activating IKE_MOBIKE task >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] initiating IKE_SA rw[1] to >>> 10.100.1.20 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] IKE_SA rw[1] state change: CREATED >>> => CONNECTING >>> Jul 17 00:14:24 vpn02 charon: 14[CFG] configured proposals: >>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP, >>> IKE:AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] natd_chunk => 22 bytes @ 0x113f590 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 0: F1 E5 AE 40 A7 E5 1B 7F 00 >>> 00 00 00 00 00 00 00 ...@............ >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 16: 0A 64 01 14 01 >>> F4 .d.... >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] natd_hash => 20 bytes @ 0x113f5b0 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 0: 46 54 FB 3E 72 E6 77 AD 9C >>> 88 CE FC 78 04 58 36 FT.>r.w.....x.X6 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 16: F4 59 7F >>> E4 .Y.. >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] natd_chunk => 22 bytes @ 0x113f550 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 0: F1 E5 AE 40 A7 E5 1B 7F 00 >>> 00 00 00 00 00 00 00 ...@............ >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 16: 0A 64 01 83 01 >>> F4 .d.... >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] natd_hash => 20 bytes @ 0x113f230 >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 0: 63 7A 7F F9 D8 CF 34 82 EF >>> EB 30 16 21 8A 8A F0 cz....4...0.!... >>> Jul 17 00:14:24 vpn02 charon: 14[IKE] 16: 29 A5 67 >>> E3 ).g. >>> Jul 17 00:14:24 vpn02 charon: 14[ENC] generating IKE_SA_INIT request 0 [ >>> SA KE No N(NATD_S_IP) N(NATD_D_IP) ] >>> Jul 17 00:14:24 vpn02 charon: 14[NET] sending packet: from >>> 10.100.1.131[500] to 10.100.1.20[500] (964 bytes) >>> Jul 17 00:14:24 vpn02 charon: 15[NET] received packet: from >>> 10.100.1.20[500] to 10.100.1.131[500] (36 bytes) >>> Jul 17 00:14:24 vpn02 charon: 15[ENC] parsed IKE_SA_INIT response 0 [ >>> N(NO_PROP) ] >>> Jul 17 00:14:24 vpn02 charon: 15[IKE] received NO_PROPOSAL_CHOSEN notify >>> error >>> Jul 17 00:14:24 vpn02 charon: 15[CFG] configured proposals: >>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP, >>> IKE:AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP >>> Jul 17 00:14:24 vpn02 charon: 15[IKE] IKE_SA rw[1] state change: >>> CONNECTING => DESTROYING >>> >>> #leftside >>> Jul 17 00:14:01 vpn02 charon: 00[CFG] loading secrets from >>> '/etc/strongswan/ipsec.secrets' >>> Jul 17 00:14:01 vpn02 charon: 00[CFG] loaded IKE secret for %any >>> Jul 17 00:14:01 vpn02 charon: 00[LIB] loaded plugins: charon curl aes >>> des rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints acert >>> pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp xcbc >>> cmac hmac attr kernel-netlink resolve socket-default farp stroke vici >>> updown eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls eap-peap >>> xauth-generic xauth-eap xauth-pam xauth-noauth dhcp >>> Jul 17 00:14:01 vpn02 charon: 00[LIB] unable to load 3 plugin features >>> (3 due to unmet dependencies) >>> Jul 17 00:14:01 vpn02 charon: 00[JOB] spawning 16 worker threads >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] stroke message => 776 bytes @ >>> 0x7f30c8000b00 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 0: 08 03 00 00 03 00 00 00 FF >>> FF FF FF 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 16: 90 02 00 00 00 00 00 00 02 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 32: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 48: 00 00 00 00 00 00 00 00 02 >>> 00 00 00 40 00 00 00 ............@... >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 64: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 80: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 96: 00 00 00 00 01 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 112: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 01 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 128: 93 02 00 00 00 00 00 00 A8 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 144: 00 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 160: B0 04 00 00 00 00 00 00 10 >>> 0E 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 176: B4 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 192: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 208: 00 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 224: 64 00 00 00 00 00 00 00 1E >>> 00 00 00 00 00 00 00 d............... >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 240: 96 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 256: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 272: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 288: 00 00 00 00 00 00 00 00 B4 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 304: 00 00 00 00 00 00 00 00 B8 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 320: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 336: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 352: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 368: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 384: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 400: C4 02 00 00 00 00 00 00 E0 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 416: F4 01 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 432: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 448: 01 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 464: 00 00 00 00 FF FF 00 00 EC >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 480: 00 00 00 00 00 00 00 00 F0 >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 496: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 512: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 528: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 544: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 560: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 576: 00 00 00 00 00 00 00 00 FC >>> 02 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 592: F4 01 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 608: 00 00 00 00 00 00 00 00 00 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 624: 01 00 00 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 640: 00 00 00 00 FF FF 00 00 FF >>> FF FF FF 00 00 00 00 ................ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 656: 72 77 00 61 65 73 31 32 38 >>> 2D 73 68 61 31 2D 6D rw.aes128-sha1-m >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 672: 6F 64 70 31 30 32 34 00 61 >>> 65 73 31 32 38 2D 73 odp1024.aes128-s >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 688: 68 61 31 00 70 73 6B 00 31 >>> 30 2E 31 30 30 2E 31 ha1.psk.10.100.1 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 704: 2E 32 30 00 73 74 72 6F 6E >>> 67 73 77 61 6E 20 5F .20.strongswan _ >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 720: 75 70 64 6F 77 6E 20 69 70 >>> 74 61 62 6C 65 73 00 updown iptables. >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 736: 31 30 2E 31 30 30 2E 31 2E >>> 32 30 00 70 73 6B 00 10.100.1.20.psk. >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 752: 31 30 2E 31 30 30 2E 31 2E >>> 33 31 00 31 30 2E 31 10.100.1.31.10.1 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] 768: 30 30 2E 31 2E 33 31 >>> 00 00.1.31. >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] received stroke: add connection >>> 'rw' >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] conn rw >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] left=10.100.1.20 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] leftauth=psk >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] leftid=10.100.1.20 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] leftupdown=strongswan _updown >>> iptables >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] right=10.100.1.31 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] rightauth=psk >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] rightid=10.100.1.31 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] ike=aes128-sha1-modp1024 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] esp=aes128-sha1 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] dpddelay=30 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] dpdtimeout=150 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] mediation=no >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] keyexchange=ikev2 >>> Jul 17 00:14:01 vpn02 charon: 08[CFG] added configuration 'rw' >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] stroke message => 659 bytes @ >>> 0x7f30b4000a90 >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 0: 93 02 00 00 00 00 00 00 01 >>> 00 00 00 FF 7F 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 16: 90 02 00 00 00 00 00 00 B0 >>> F0 BA 51 FF 7F 00 00 ...........Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 32: 70 EA BA 51 FF 7F 00 00 00 >>> 00 00 00 00 00 00 00 p..Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 48: 80 0E 84 A5 E3 7F 00 00 D4 >>> 04 83 A5 E3 7F 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 64: 00 00 00 E7 75 A3 FE FF 00 >>> 00 00 00 00 00 00 00 ....u........... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 80: B0 EA BA 51 FE FF FF FF C8 >>> 00 00 00 00 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 96: 02 00 00 00 E3 7F 00 00 70 >>> EA BA 51 FF 7F 00 00 ........p..Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 112: 50 07 FA 00 00 00 00 00 C7 >>> 00 00 00 00 00 00 00 P............... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 128: B0 F0 BA 51 FF 7F 00 00 0D >>> 00 04 00 02 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 144: 03 00 00 00 00 00 00 00 10 >>> F3 BA 51 00 00 00 00 ...........Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 160: 80 F2 BA 51 FF 7F 00 00 70 >>> F2 BA 51 FF 7F 00 00 ...Q....p..Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 176: 60 F2 BA 51 FF 7F 00 00 48 >>> F2 BA 51 FF 7F 00 00 `..Q....H..Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 192: 58 F2 BA 51 FF 7F 00 00 01 >>> 00 00 00 00 00 00 00 X..Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 208: 80 F3 BA 51 FF 7F 00 00 06 >>> 00 00 00 00 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 224: 18 CB C6 A5 E3 7F 00 00 C6 >>> 2E A6 A5 E3 7F 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 240: F0 16 FB 00 00 00 00 00 D0 >>> 16 FB 00 00 00 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 256: F0 16 FB 00 00 00 00 00 F0 >>> 16 FB 00 00 00 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 272: F0 16 FB 00 00 00 00 00 E0 >>> F8 FA 00 00 00 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 288: E0 F8 FA 00 00 00 00 00 30 >>> 14 FB 00 00 00 00 00 ........0....... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 304: 50 14 FB 00 00 00 00 00 01 >>> 00 00 00 00 00 00 00 P............... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 320: A0 EB BA 51 FF 7F 00 00 75 >>> 40 E4 A4 E3 7F 00 00 ...Q....u@...... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 336: 00 C0 C6 A5 E3 7F 00 00 00 >>> 00 E0 D4 75 A3 FE FF ............u... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 352: 00 00 36 83 4C 4B C7 FF 00 >>> 00 00 00 00 00 00 00 ..6.LK.......... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 368: E8 46 C7 A5 E3 7F 00 00 03 >>> 00 00 00 E3 7F 00 00 .F.............. >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 384: 00 00 00 00 01 00 00 00 D8 >>> EE BA 01 00 00 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 400: 00 00 00 00 E3 7F 00 00 0E >>> 00 00 00 00 00 00 00 ................ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 416: 60 EB BA 51 FF 7F 00 00 10 >>> F3 BA 51 FF 7F 00 00 `..Q.......Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 432: 80 F3 BA 51 FF 7F 00 00 02 >>> 00 00 00 00 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 448: 20 00 00 00 30 00 00 00 00 >>> F3 BA 51 FF 7F 00 00 ...0......Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 464: 30 F2 BA 51 FF 7F 00 00 D2 >>> 22 A6 A5 E3 7F 00 00 0..Q....."...... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 480: 00 00 00 00 00 00 00 00 B6 >>> 41 A6 A5 E3 7F 00 00 .........A...... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 496: D8 6F C7 A5 E3 7F 00 00 30 >>> 7F 05 A5 E3 7F 00 00 .o......0....... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 512: 80 F3 BA 51 FF 7F 00 00 9E >>> 2A A6 A5 E3 7F 00 00 ...Q.....*...... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 528: 00 D0 C6 A5 E3 7F 00 00 98 >>> 69 C7 A5 E3 7F 00 00 .........i...... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 544: 20 00 00 00 30 00 00 00 00 >>> F3 BA 51 FF 7F 00 00 ...0......Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 560: 20 00 00 00 30 00 00 00 70 >>> F3 BA 51 FF 7F 00 00 ...0...p..Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 576: A0 F2 BA 51 FF 7F 00 00 00 >>> 09 FA 00 00 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 592: 28 00 00 00 30 00 00 00 50 >>> EF BA 51 FF 7F 00 00 (...0...P..Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 608: 90 EE BA 51 FF 7F 00 00 00 >>> 09 FA 00 00 00 00 00 ...Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 624: 40 EF BA 51 FF 7F 00 00 01 >>> 00 00 00 00 00 00 00 @..Q............ >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 640: 20 00 00 00 30 00 00 00 C0 >>> F3 BA 51 FF 7F 00 00 ...0......Q.... >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] 656: 72 77 >>> 00 rw. >>> Jul 17 00:14:21 vpn02 charon: 12[CFG] received stroke: initiate 'rw' >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_VENDOR task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_INIT task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_NATD task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_CERT_PRE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_AUTH task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_CERT_POST task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_CONFIG task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_AUTH_LIFETIME task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing IKE_MOBIKE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] queueing CHILD_CREATE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating new tasks >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_VENDOR task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_INIT task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_NATD task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_CERT_PRE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_AUTH task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_CERT_POST task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_CONFIG task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating CHILD_CREATE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_AUTH_LIFETIME task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] activating IKE_MOBIKE task >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] initiating IKE_SA rw[1] to >>> 10.100.1.31 >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] IKE_SA rw[1] state change: CREATED >>> => CONNECTING >>> Jul 17 00:14:21 vpn02 charon: 14[CFG] configured proposals: >>> IKE:AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024, >>> IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/HMAC_MD5_96/HMAC_SHA1_96/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP, >>> IKE:AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/PRF_HMAC_MD5/PRF_HMAC_SHA1/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/MODP_2048/MODP_2048_224/MODP_2048_256/MODP_1536/MODP_3072/MODP_4096/MODP_8192/MODP_1024/MODP_1024_160/ECP_256/ECP_384/ECP_521/ECP_224/ECP_192/ECP_224_BP/ECP_256_BP/ECP_384_BP/ECP_512_BP >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] natd_chunk => 22 bytes @ 0x15ae590 >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 0: 70 24 E2 E2 DF BC 86 58 00 >>> 00 00 00 00 00 00 00 p$.....X........ >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 16: 0A 64 01 1F 01 >>> F4 .d.... >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] natd_hash => 20 bytes @ 0x15ae5b0 >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 0: 93 16 F6 BD 62 D5 F4 B6 BE >>> 5A 55 43 51 48 98 AD ....b....ZUCQH.. >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 16: BA 14 1E >>> F3 .... >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] natd_chunk => 22 bytes @ 0x15ae550 >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 0: 70 24 E2 E2 DF BC 86 58 00 >>> 00 00 00 00 00 00 00 p$.....X........ >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 16: 0A 64 01 14 01 >>> F4 .d.... >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] natd_hash => 20 bytes @ 0x15ae230 >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 0: F1 D3 40 41 5A B9 3C F8 EF >>> 68 0A 26 C9 76 87 51 ..@AZ.<..h.&.v.Q >>> Jul 17 00:14:21 vpn02 charon: 14[IKE] 16: 70 78 0F >>> 4A px.J >>> Jul 17 00:14:21 vpn02 charon: 14[ENC] generating IKE_SA_INIT request 0 [ >>> SA KE No N(NATD_S_IP) N(NATD_D_IP) ] >>> Jul 17 00:14:21 vpn02 charon: 14[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:14:24 vpn02 charon: 15[NET] received packet: from >>> 10.100.1.131[500] to 10.100.1.20[500] (964 bytes) >>> Jul 17 00:14:24 vpn02 charon: 15[ENC] parsed IKE_SA_INIT request 0 [ SA >>> KE No N(NATD_S_IP) N(NATD_D_IP) ] >>> Jul 17 00:14:24 vpn02 charon: 15[CFG] looking for an ike config for >>> 10.100.1.20...10.100.1.131 >>> Jul 17 00:14:24 vpn02 charon: 15[CFG] ike config match: 0 (10.100.1.20 >>> 10.100.1.131 IKEv2) >>> Jul 17 00:14:24 vpn02 charon: 15[IKE] no IKE config found for >>> 10.100.1.20...10.100.1.131, sending NO_PROPOSAL_CHOSEN >>> Jul 17 00:14:24 vpn02 charon: 15[ENC] generating IKE_SA_INIT response 0 >>> [ N(NO_PROP) ] >>> Jul 17 00:14:24 vpn02 charon: 15[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.131[500] (36 bytes) >>> Jul 17 00:14:24 vpn02 charon: 15[IKE] IKE_SA (unnamed)[2] state change: >>> CREATED => DESTROYING >>> Jul 17 00:14:25 vpn02 charon: 16[IKE] retransmit 1 of request with >>> message ID 0 >>> Jul 17 00:14:25 vpn02 charon: 16[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:14:32 vpn02 charon: 03[IKE] retransmit 2 of request with >>> message ID 0 >>> Jul 17 00:14:32 vpn02 charon: 03[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:14:45 vpn02 charon: 02[IKE] retransmit 3 of request with >>> message ID 0 >>> Jul 17 00:14:45 vpn02 charon: 02[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:15:08 vpn02 charon: 01[IKE] retransmit 4 of request with >>> message ID 0 >>> Jul 17 00:15:08 vpn02 charon: 01[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:15:50 vpn02 charon: 10[IKE] retransmit 5 of request with >>> message ID 0 >>> Jul 17 00:15:50 vpn02 charon: 10[NET] sending packet: from >>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>> Jul 17 00:17:06 vpn02 charon: 14[IKE] giving up after 5 retransmits >>> Jul 17 00:17:06 vpn02 charon: 14[IKE] establishing IKE_SA failed, peer >>> not responding >>> Jul 17 00:17:06 vpn02 charon: 14[IKE] IKE_SA rw[1] state change: >>> CONNECTING => DESTROYING >>> [root@vpn02 strongswan]# >>> >>> >>> >>> On Thu, Jul 16, 2015 at 5:05 PM, Randy Wyatt <[email protected]> >>> wrote: >>> >>>> ipsec stroke loglevel cfg 3 or >>>> place the following into your ipsec.conf >>>> >>>> charondebug="ike 3, knl 1, cfg 3" in >>>> >>>> a loglevel of 4 is only needed when asked by the experts. >>>> >>>> >>>> On Thu, Jul 16, 2015 at 4:58 PM, Aaron <[email protected]> wrote: >>>> >>>>> Where do I increase the logging for cfg? >>>>> >>>>> I added the options you mentioned. I also added a leftauth and >>>>> rightauth >>>>> >>>>> config setup >>>>> strictcrlpolicy=no >>>>> # uniqueids = no >>>>> charondebug="ike 4" >>>>> >>>>> # Add connections here. >>>>> conn %default >>>>> ikelifetime=60m >>>>> keylife=20m >>>>> rekeymargin=3m >>>>> keyingtries=1 >>>>> keyexchange=ikev2 >>>>> >>>>> conn rw >>>>> ike=aes128-sha1-modp1024 >>>>> esp=aes128-sha1 >>>>> authby=secret >>>>> leftauth=psk >>>>> rightauth=psk >>>>> left=10.100.1.20 >>>>> leftid=10.100.1.20 >>>>> leftfirewall=no >>>>> right=10.100.1.131 >>>>> rightid=10.100.1.131 >>>>> auto=add >>>>> >>>>> >>>>> On Thu, Jul 16, 2015 at 4:48 PM, Randy Wyatt <[email protected]> >>>>> wrote: >>>>> >>>>>> It appears that we will need increased logging for cfg as well. Have >>>>>> you thought about my suggestion and just hardcoding the proposal for now? >>>>>> >>>>>> >>>>>> On Thu, Jul 16, 2015 at 4:44 PM, Aaron <[email protected]> wrote: >>>>>> >>>>>>> Thanks. I've added the two lines to the ipsec.conf file and >>>>>>> increased debugging. It appears to be the same error. >>>>>>> >>>>>>> Here is the log from the left side and right side as well as the >>>>>>> strongswan.conf file. >>>>>>> You'll see in the logs that some certs are loaded but I am not using >>>>>>> them in my ipsec.conf. I just want to use PSK's at this time. >>>>>>> >>>>>>> #left side log >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[DMN] Starting IKE charon daemon >>>>>>> (strongSwan 5.2.0, Linux 2.6.32-431.29.2.el6.x86_64, x86_64) >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[LIB] openssl FIPS mode(2) - enabled >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading ca certificates from >>>>>>> '/etc/strongswan/ipsec.d/cacerts' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loaded ca certificate "C=US, >>>>>>> ST=WA, L=xxxx, O=xxxx, OU=xxxx, CN=StrongSwan Intermediate CA" from >>>>>>> '/etc/strongswan/ipsec.d/cacerts/int.pem' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loaded ca certificate "C=US, >>>>>>> ST=WA, L=xxxx, O=xxxx, OU=xxxx, CN=StrongSwan Root CA" from >>>>>>> '/etc/strongswan/ipsec.d/cacerts/rootCa.crt.pem' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading aa certificates from >>>>>>> '/etc/strongswan/ipsec.d/aacerts' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading ocsp signer >>>>>>> certificates from '/etc/strongswan/ipsec.d/ocspcerts' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading attribute certificates >>>>>>> from '/etc/strongswan/ipsec.d/acerts' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading crls from >>>>>>> '/etc/strongswan/ipsec.d/crls' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loading secrets from >>>>>>> '/etc/strongswan/ipsec.secrets' >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[CFG] loaded IKE secret for %any >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[LIB] loaded plugins: charon curl >>>>>>> aes des rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints >>>>>>> acert pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf >>>>>>> gmp >>>>>>> xcbc cmac hmac attr kernel-netlink resolve socket-default farp stroke >>>>>>> vici >>>>>>> updown eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls >>>>>>> eap-peap >>>>>>> xauth-generic xauth-eap xauth-pam xauth-noauth dhcp >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[LIB] unable to load 3 plugin >>>>>>> features (3 due to unmet dependencies) >>>>>>> Jul 16 23:27:17 vpn02 charon: 00[JOB] spawning 16 worker threads >>>>>>> Jul 16 23:27:17 vpn02 charon: 08[CFG] received stroke: add >>>>>>> connection 'rw' >>>>>>> Jul 16 23:27:17 vpn02 charon: 08[CFG] added configuration 'rw' >>>>>>> Jul 16 23:27:23 vpn02 charon: 10[CFG] received stroke: initiate 'rw' >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_VENDOR task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_INIT task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_NATD task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_CERT_PRE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_AUTH task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_CERT_POST task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_CONFIG task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_AUTH_LIFETIME task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing IKE_MOBIKE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] queueing CHILD_CREATE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating new tasks >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_VENDOR task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_INIT task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_NATD task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_CERT_PRE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_AUTH task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_CERT_POST task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_CONFIG task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating CHILD_CREATE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_AUTH_LIFETIME >>>>>>> task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] activating IKE_MOBIKE task >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] initiating IKE_SA rw[1] to >>>>>>> 10.100.1.31 >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] IKE_SA rw[1] state change: >>>>>>> CREATED => CONNECTING >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] natd_chunk => 22 bytes @ >>>>>>> 0x7fe30c0028c0 >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 0: 6A 4A DE E8 FC 8C FF D9 >>>>>>> 00 00 00 00 00 00 00 00 jJ.............. >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 16: 0A 64 01 1F 01 >>>>>>> F4 .d.... >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] natd_hash => 20 bytes @ >>>>>>> 0x7fe30c0028e0 >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 0: BE 1C 33 77 01 44 51 EF >>>>>>> 11 0C 28 5E 55 66 F1 65 ..3w.DQ...(^Uf.e >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 16: 7C 85 04 >>>>>>> 6A |..j >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] natd_chunk => 22 bytes @ >>>>>>> 0x7fe30c0025c0 >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 0: 6A 4A DE E8 FC 8C FF D9 >>>>>>> 00 00 00 00 00 00 00 00 jJ.............. >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 16: 0A 64 01 14 01 >>>>>>> F4 .d.... >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] natd_hash => 20 bytes @ >>>>>>> 0x7fe30c0025e0 >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 0: 2C 77 72 D7 74 8D 69 C1 >>>>>>> D7 5C 90 3E B7 66 79 D9 ,wr.t.i..\.>.fy. >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[IKE] 16: DB 4B 9B >>>>>>> 3D .K.= >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[ENC] generating IKE_SA_INIT request >>>>>>> 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] >>>>>>> Jul 16 23:27:23 vpn02 charon: 12[NET] sending packet: from >>>>>>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>>>>>> Jul 16 23:27:27 vpn02 charon: 13[IKE] retransmit 1 of request with >>>>>>> message ID 0 >>>>>>> Jul 16 23:27:27 vpn02 charon: 13[NET] sending packet: from >>>>>>> 10.100.1.20[500] to 10.100.1.31[500] (964 bytes) >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[NET] received packet: from >>>>>>> 10.100.1.131[500] to 10.100.1.20[500] (964 bytes) >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[ENC] parsed IKE_SA_INIT request 0 [ >>>>>>> SA KE No N(NATD_S_IP) N(NATD_D_IP) ] >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[IKE] no IKE config found for >>>>>>> 10.100.1.20...10.100.1.131, sending NO_PROPOSAL_CHOSEN >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[ENC] generating IKE_SA_INIT >>>>>>> response 0 [ N(NO_PROP) ] >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[NET] sending packet: from >>>>>>> 10.100.1.20[500] to 10.100.1.131[500] (36 bytes) >>>>>>> Jul 16 23:27:29 vpn02 charon: 14[IKE] IKE_SA (unnamed)[2] state >>>>>>> change: CREATED => DESTROYING >>>>>>> >>>>>>> #right side >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[DMN] Starting IKE charon daemon >>>>>>> (strongSwan 5.2.0, Linux 2.6.32-431.29.2.el6.x86_64, x86_64) >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[LIB] openssl FIPS mode(2) - enabled >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading ca certificates from >>>>>>> '/etc/strongswan/ipsec.d/cacerts' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loaded ca certificate "C=US, >>>>>>> ST=WA, L=xxxxx, O=xxxxx, OU=xxxxx, CN=StrongSwan Intermediate CA" from >>>>>>> '/etc/strongswan/ipsec.d/cacerts/int.crt.pem' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loaded ca certificate "C=US, >>>>>>> ST=WA, L=xxxxx, O=xxxxx, OU=xxxxx, CN=StrongSwan Root CA" from >>>>>>> '/etc/strongswan/ipsec.d/cacerts/rootCa.crt.pem' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading aa certificates from >>>>>>> '/etc/strongswan/ipsec.d/aacerts' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading ocsp signer >>>>>>> certificates from '/etc/strongswan/ipsec.d/ocspcerts' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading attribute certificates >>>>>>> from '/etc/strongswan/ipsec.d/acerts' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading crls from >>>>>>> '/etc/strongswan/ipsec.d/crls' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loading secrets from >>>>>>> '/etc/strongswan/ipsec.secrets' >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[CFG] loaded IKE secret for %any >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[LIB] loaded plugins: charon curl >>>>>>> aes des rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints >>>>>>> acert pubkey pkcs1 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf >>>>>>> gmp >>>>>>> xcbc cmac hmac attr kernel-netlink resolve socket-default farp stroke >>>>>>> vici >>>>>>> updown eap-identity eap-md5 eap-gtc eap-mschapv2 eap-tls eap-ttls >>>>>>> eap-peap >>>>>>> xauth-generic xauth-eap xauth-pam xauth-noauth dhcp >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[LIB] unable to load 3 plugin >>>>>>> features (3 due to unmet dependencies) >>>>>>> Jul 16 23:27:12 vpn03 charon: 00[JOB] spawning 16 worker threads >>>>>>> Jul 16 23:27:12 vpn03 charon: 08[CFG] received stroke: add >>>>>>> connection 'rw' >>>>>>> Jul 16 23:27:12 vpn03 charon: 08[CFG] added configuration 'rw' >>>>>>> Jul 16 23:27:29 vpn03 charon: 10[CFG] received stroke: initiate 'rw' >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_VENDOR task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_INIT task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_NATD task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_CERT_PRE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_AUTH task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_CERT_POST task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_CONFIG task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_AUTH_LIFETIME task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing IKE_MOBIKE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] queueing CHILD_CREATE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating new tasks >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_VENDOR task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_INIT task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_NATD task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_CERT_PRE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_AUTH task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_CERT_POST task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_CONFIG task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating CHILD_CREATE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_AUTH_LIFETIME >>>>>>> task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] activating IKE_MOBIKE task >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] initiating IKE_SA rw[1] to >>>>>>> 10.100.1.20 >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] IKE_SA rw[1] state change: >>>>>>> CREATED => CONNECTING >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] natd_chunk => 22 bytes @ >>>>>>> 0x7f586c0028c0 >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 0: 8E E1 E7 6D 58 37 7C 61 >>>>>>> 00 00 00 00 00 00 00 00 ...mX7|a........ >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 16: 0A 64 01 14 01 >>>>>>> F4 .d.... >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] natd_hash => 20 bytes @ >>>>>>> 0x7f586c0028e0 >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 0: D5 57 BE 5C 11 13 5D A8 >>>>>>> 60 7D 72 BF FC 4E A3 CF .W.\..].`}r..N.. >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 16: 9C 06 49 >>>>>>> FD ..I. >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] natd_chunk => 22 bytes @ >>>>>>> 0x7f586c0025c0 >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 0: 8E E1 E7 6D 58 37 7C 61 >>>>>>> 00 00 00 00 00 00 00 00 ...mX7|a........ >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 16: 0A 64 01 83 01 >>>>>>> F4 .d.... >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] natd_hash => 20 bytes @ >>>>>>> 0x7f586c0025e0 >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 0: 29 E2 9B CE 30 89 84 08 >>>>>>> B6 13 EF D5 75 EA 11 74 )...0.......u..t >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[IKE] 16: C7 9F E7 >>>>>>> 7B ...{ >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[ENC] generating IKE_SA_INIT request >>>>>>> 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] >>>>>>> Jul 16 23:27:29 vpn03 charon: 12[NET] sending packet: from >>>>>>> 10.100.1.131[500] to 10.100.1.20[500] (964 bytes) >>>>>>> Jul 16 23:27:29 vpn03 charon: 13[NET] received packet: from >>>>>>> 10.100.1.20[500] to 10.100.1.131[500] (36 bytes) >>>>>>> Jul 16 23:27:29 vpn03 charon: 13[ENC] parsed IKE_SA_INIT response 0 >>>>>>> [ N(NO_PROP) ] >>>>>>> Jul 16 23:27:29 vpn03 charon: 13[IKE] received NO_PROPOSAL_CHOSEN >>>>>>> notify error >>>>>>> Jul 16 23:27:29 vpn03 charon: 13[IKE] IKE_SA rw[1] state change: >>>>>>> CONNECTING => DESTROYING >>>>>>> >>>>>>> #strongswan.conf >>>>>>> charon { >>>>>>> load_modular = yes >>>>>>> plugins { >>>>>>> include strongswan.d/charon/*.conf >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> include strongswan.d/*.conf >>>>>>> >>>>>>> >>>>>>> On Thu, Jul 16, 2015 at 3:10 PM, Randy Wyatt <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Have you tried limiting the proposals supported? >>>>>>>> ike=aes128-sha1-modp1024 >>>>>>>> esp=aes128-sha1 >>>>>>>> >>>>>>>> If you don't specify the proposal, everything is sent. Can you >>>>>>>> increase the debugging on ike so we can look a little more at the >>>>>>>> proposal >>>>>>>> and configured? >>>>>>>> >>>>>>>> Regards, >>>>>>>> Randy >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Jul 16, 2015 at 2:08 PM, Aaron <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi, I have strongswan setup in a host to host configuration using >>>>>>>>> a shared secret for testing, but am not able to get it to establish a >>>>>>>>> tunnel. The left side attempts to retransmit packets till it gives >>>>>>>>> up and >>>>>>>>> on the right side I receive this error. Any help appreciated. >>>>>>>>> Thanks! >>>>>>>>> >>>>>>>>> Jul 16 21:01:19 vpn02 charon: 12[NET] received packet: from >>>>>>>>> 10.100.1.20[500] to 10.100.1.131[500] (36 bytes) >>>>>>>>> Jul 16 21:01:19 vpn02 charon: 12[ENC] parsed IKE_SA_INIT response >>>>>>>>> 0 [ N(NO_PROP) ] >>>>>>>>> Jul 16 21:01:19 vpn02 charon: 12[IKE] received NO_PROPOSAL_CHOSEN >>>>>>>>> notify error >>>>>>>>> >>>>>>>>> #ipsec.conf file >>>>>>>>> #right side and leftside are identical >>>>>>>>> config setup >>>>>>>>> charondebug=all >>>>>>>>> >>>>>>>>> conn %default >>>>>>>>> ikelifetime=60m >>>>>>>>> keylife=20m >>>>>>>>> rekeymargin=3m >>>>>>>>> keyingtries=1 >>>>>>>>> keyexchange=ikev2 >>>>>>>>> authby=psk >>>>>>>>> >>>>>>>>> conn rw >>>>>>>>> left=10.100.1.20 >>>>>>>>> leftid=10.100.1.20 >>>>>>>>> leftfirewall=no >>>>>>>>> right=10.100.1.131 >>>>>>>>> rightid=10.100.1.131 >>>>>>>>> auto=start >>>>>>>>> authby=psk >>>>>>>>> >>>>>>>>> # ipsec.secrets file >>>>>>>>> : PSK "mypsksecret" >>>>>>>>> >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Users mailing list >>>>>>>>> [email protected] >>>>>>>>> https://lists.strongswan.org/mailman/listinfo/users >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>> >>>> >>>> >>> >> >> >> -
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
