On 10.03.2017 16:45, Gokan Atmaca wrote: > Hello > > I started the vpn service as follows. But it gives an authentication > error. (1) (os:ubuntu1604lts) > > (1) > Mar 10 17:44:32 ubuntu charon: 02[IKE] Z.Z.Z.Z is initiating a > Aggressive Mode IKE_SA > Mar 10 17:44:32 ubuntu charon: 02[IKE] Aggressive Mode PSK disabled > for security reasons > Mar 10 17:44:32 ubuntu charon: 02[ENC] generating INFORMATIONAL_V1 > request 2604966255 [ N(AUTH_FAILED) ] > Mar 10 17:44:32 ubuntu charon: 02[NET] sending packet: from > 148.251.173.26[500] to 37.154.177.11[28762] (56 bytes)
Throw away the whole configuration. It's crap. Use the one for Responder under Roadwarrior scenario on the UsableExamples wiki page[1]. You surely don't want to use IKEv1 aggressive mode. It's highly insecure. Use main mode or switch to IKEv2. Alternatively, use hybrid authentication or symmetric RSA with XAUTH. If you really want to use aggressive mode, set charon.i_dont_care_about_security_and_use_aggressive_mode_psk = yes in strongswan.conf. Read the man pages to understand the format of the files. Also, pluto doesn't exist anymore since version 5.0.0. [1] https://wiki.strongswan.org/projects/strongswan/wiki/UsableExamples -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
