Hi,
Anvar this is log from android :
Nov 7 15:39:12 00[DMN] Starting IKE charon daemon (strongSwan 5.6.0,
Android 8.0.0 - OPR4.170623.009/2017-10-05, Nexus 5X -
google/bullhead/LGE, Linux 3.10.73-ga51b1600b7f8, aarch64)
Nov 7 15:39:12 00[LIB] loaded plugins: androidbridge charon android-log
openssl fips-prf random nonce pubkey chapoly curve25519 pkcs1 pkcs8 pem
xcbc hmac socket-default revocation eap-identity eap-mschapv2 eap-md5
eap-gtc eap-tls x509
curve25519 loaded
but on server, charon didn't loading curve so i loaded, and android can
connect now.
Thanks for help
Rafał
W dniu 2017-11-07 o 20:22, Anvar Kuchkartaev pisze:
As far as I know android clients are not supported curve25519.
Anvar Kuchkartaev
[email protected]
*From: *Rafał Sanocki
*Sent: *martes, 7 de noviembre de 2017 05:19 p.m.
*To: *[email protected]
*Subject: *[strongSwan] CURVE_25519 inacceptable
Hi,
I try connect client :
strongSwan 5.6.0, Android 8.0.0 - OPR4.170623.009/2017-10-05, Nexus 5X
- google/bullhead/LGE, Linux 3.10.73-ga51b1600b7f8, aarch64
server:
ipsec version Linux strongSwan U5.6.0/K4.13.2
connection type
conn vpn-ikev2
keyexchange=ikev2
type=transport
left=13.41.7.54
leftcert=proxu.s.cert
[email protected]
right=%any
rightca=@#0b:c3:d4:33:....
authby=rsasig
keyingtries=%forever
leftsubnet=0.0.0.0/0
rightdns=192.168.0.2
rightrsasigkey=%cert
conn vpn-ikev2-android
<------>also="vpn-ikev2"
rightid="C=PL, ST=Malopolska, O=Test, OU=Sec man,
[email protected], [email protected]"
auto=add
rightsourceip=192.168.0.100/32
Windows clients can connect well, but when android trying i have error
in logs
charon: 10[IKE] DH group CURVE_25519 inacceptable, requesting CURVE_25519
what that mean curve_25519 != curve_25519??
Every helpful hint would be highly appreciated.
Rafał
