The logs of the Windows server will tell you what it doesn't like. On 27.10.2017 11:13, Ben Lavender wrote: > > Anyone think they could assist with this? > > > > *From:*Ben Lavender > *Sent:* 24 October 2017 17:23 > *To:* '[email protected]' <[email protected]> > *Subject:* Host-to-Host Windows to Debian (StrongSwan) > > > > Hello, > > > > Please could anyone assist with this problem? > > > > We have setup a connection between to servers (right Windows | left > Debian-StrongSwan) in a host-to-host configure, where the Windows server will > be establishing the connection using transport mode (IKEv1). The > authentication is set to use a X.509 certificates. > > > > The problem we are having seems to be within the two log lines below: > > > > Oct 24 16:21:45 LAB-DEBCLIENT-01 charon: 07[ENC] parsed INFORMATIONAL_V1 > request 62237808 [ HASH N(AUTH_FAILED) ] > > Oct 24 16:21:45 LAB-DEBCLIENT-01 charon: 07[IKE] received > AUTHENTICATION_FAILED error notify > > > > Is there any advice given for attempting to resolve this issue? I can provide > full logs if need be. Thanks. > > > > /etc/ipsec.conf > > > > # ipsec.conf - strongSwan IPsec configuration file > > > > config setup > > charondebug="ike 4, knl 4, cfg 4" > > > > conn %default > > ikelifetime=60m > > keylife=20m > > rekeymargin=3m > > keyingtries=1 > > mobike=no > > keyexchange=ike > > > > conn host-host > > left=192.168.2.9 > > leftcert=deb.crt.pem > > leftid="CN=LAB-DEBCLIENT-01.lab.vdcs.local" > > leftfirewall=yes > > right=192.168.2.5 > > rightid="CN=LAB-FPSVR-01.lab.vdcs.local" > > type=transport > > auto=add > > > > ca strongswan > > cacert=rootca.pem > > crluri=http://LAB-DC-01.lab.vdcs.local/tempcrl/lab-LAB-DC-01-CA-1.crl > > auto=add > > > > > > /etc/ipsec.secrets > > > > # This file holds shared secrets or RSA private keys for authentication. > > > > # RSA private key for this host, authenticating it to any other host > > # which knows the public part. > > > > : RSA deb.key.pem > > > > Regards > > > > Ben > > > > Virtual Data Centre Services (virtualDCS) is registered in England and Wales > under company number 07238621; registered address: The Waterscape, 42 Leeds > and Bradford Road, LS5 3EG. This e-mail and any attachments are strictly > confidential and intended for the addressee only. If you are not the named > addressee you must not disclose, copy, or take any action in reliance of this > transmission, and you should notify us as soon as possible. Any views or > opinions expressed are solely those of the author and do not necessarily > represent those of virtualDCS. This e-mail and any attachments are believed > to be free from viruses but it is your responsibility to carry out all > necessary virus checks, and virtualDCS accepts no liability in connection > therewith. >
signature.asc
Description: OpenPGP digital signature
