I reloaded the file and was ablt to get the secret . I get
[IKE] IKE_SA my-vpn[12] established between locip[locip]...ipsecip[ipsecip]
[IKE] scheduling reauthentication in 78158s
[IKE] maximum IKE_SA lifetime 86798s
[ENC] generating QUICK_MODE request 925866246 [ HASH SA No ID ID ]
[NET] sending packet: from locip[500] to ipsecip[500] (172 bytes)
[NET] received packet: from ipsecip[500] to locip[500] (108 bytes)
[ENC] parsed INFORMATIONAL_V1 request 3675363864 [ HASH N((24576)) ]
[IKE] received (24576) notify
[NET] received packet: from ipsecip[500] to locip[500] (92 bytes)
[ENC] parsed INFORMATIONAL_V1 request 2592328021 [ HASH N(NO_PROP) ]
[IKE] received NO_PROPOSAL_CHOSEN error notify
Does anyone know how I could proceed?
On Thu, 19 Aug 2021 at 17:02, Chasing Vega <chasingve...@gmail.com> wrote:
> Hi
>
> I have a server which is public and accepts IPsec and am trying to connect
> to it through strong
>
> My configuration for strongswan is
>
> connections {
> my-vpn {
> remote_addrs = server_publicip
> version = 1
> proposals = aes256-sha-modp1024
> reauth_time = 1440m
> local {
> auth = psk
> id = loc
> }
> remote {
> # id field here is inferred from the remote address
> auth = psk
> id = sec
> }
> children {
> my-vpn-1 {
> local_ts = local_public_ip
> remote_ts = server_public_ip
> mode = transport
> esp_proposals = aes256-sha-modp1024
> rekey_time = 60m
> start_action = trap
> dpd_action = restart
> }
> }
> }
>
> }
> secrets {
> ike-my-vpn-1 {
> id-1 = loc
> id-2 = sec
> secret = "This is a strong password"
> }
> }
>
> When I try to run strongswan I get
>
> [IKE] initiating Main Mode IKE_SA my-vpn[49] to serveraddr
> [ENC] generating ID_PROT request 0 [ SA V V V V V ]
> [NET] sending packet: from locip[500] to serveraddr[500] (184 bytes)
> [NET] received packet: from serveraddr[500] to locip[500] (108 bytes)
> [ENC] parsed ID_PROT response 0 [ SA V ]
> [IKE] received NAT-T (RFC 3947) vendor ID
> [CFG] selected proposal:
> IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
> [ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
> [NET] sending packet: from locip[500] to serveraddr[500] (244 bytes)
> [NET] received packet: from serveraddr[500] to locip[500] (304 bytes)
> [ENC] parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]
> [IKE] received Cisco Unity vendor ID
> [IKE] received DPD vendor ID
> [ENC] received unknown vendor ID:
> 5d:4b:ac:66:6b:54:71:15:4b:07:98:9c:05:7e:be:f2
> [IKE] received XAuth vendor ID
> [IKE] no shared key found for 'loc'[locip] - 'sec'[serveraddr]
> [IKE] no shared key found for locip - serveraddr
> [ENC] generating INFORMATIONAL_V1 request 1109914452 [ N(INVAL_KE) ]
> [NET] sending packet: from locip[500] to serveraddr[500] (56 bytes)
>
>
> Does anyone have suggestion?
>
