Hi Jude, > Any insights into what I am missing in my setup, my hope is that this is > just some simple newbie mistake I am doing.
Try reading the log: > Apr 18 09:45:42 RH7Standard charon: 12[CFG] looking for XAuthInitRSA peer > configs matching 10.0.11.200...10.0.11.160[C=US, O=BSI, [email protected]] The client wants to initiate an XAuth/RSA connection (with its certificate's subject DN as identity). However, your config specifies: > leftauth=psk > rightauth=psk > rightauth2=xauth That is, you configured XAuth/PSK. You also set: > rightid=10.0.11.160 Which wouldn't match that subject DN even if the authentication methods were the same. You might want to have a look at [1]. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29 _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
