Re: [strongSwan] Strongswan on Ubuntu - Failure to connect from Windows 10 client -error: deleting half open IKE_SA with 154.**.***.** after timeout

[Tom Rymes]

> On Feb 19, 2019, at 7:07 AM, IL Ka <kazakevichi...@gmail.com> wrote:
> 
> 1701 is L2TP port.
> It could be that Windows client tries several protos including PPTP/GRE, L2TP 
> and so on.
> 
> What do you see on Windows side? Which error?

[snip]

Moses,

I think your instructions for configuring the connection in windows are 
incomplete. As pointed out above, Windows is configured to use a VPN of type 
“auto”, so it throws everything at the server until something works.

Go back into Network and Sharing Center and click edit adapter settings on the 
left side. Get properties for the VPN connection you are using and set it to a 
type of IKE2 and configure it to use machine certificates, assuming that’s how 
you intend to authenticate (is it?).

Also, when windows fails to connect, it’s giving you an error. Multiple folks 
have asked what it is, but I don’t think you’ve answered them. That would be 
helpful.

Lastly, rather than build your own server from scratch, you may want to 
consider using a firewall distribution like IPFire, or a project like Algo that 
makes the configuration far simpler.

Tom