Hello , <br><br>I've configured a debian server with following config : <br><br>IPsec.conf :<br><br>conn ioss<br> keyexchange=ikev1<br> authby=xauthpsk<br> xauth=server<br> left=%defaultroute<br>
leftsubnet=<a href="http://0.0.0.0/0">0.0.0.0/0</a><br> leftfirewall=yes<br> right=%any<br> rightsubnet=<a href="http://0.0.0.0/0">0.0.0.0/0</a><br> rightsourceip=<a href="http://10.10.9.0/24">10.10.9.0/24</a><br>
auto=add<br> modeconfig=push<br><br><br>ipsec.secrets :<br><br>test1 : XAUTH "test123"<br><a href="http://moon.strongswan.org">moon.strongswan.org</a> %any : PSK "test123456"<br><br><br>
Error :<br>[...]<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-08 vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-07 vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-06 vendor ID<br>
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-05 vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-04 vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID<br>
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-02 vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID<br>Oct 27 09:25:06 4 charon: 15[IKE] received XAuth vendor ID<br>
Oct 27 09:25:06 4 charon: 15[IKE] received Cisco Unity vendor ID<br>Oct 27 09:25:06 4 charon: 15[ENC] received unknown vendor ID: 40:48:b7:d5:6e:bc:e8:85:25:e7:de:7f:00:d6:c2:d3:80:00:00:00<br>Oct 27 09:25:06 4 charon: 15[IKE] received DPD vendor ID<br>
Oct 27 09:25:06 4 charon: 15[IKE] y.y.y.y is initiating a Main Mode IKE_SA<br>Oct 27 09:25:06 4 charon: 15[ENC] generating ID_PROT response 0 [ SA V V V ]<br>Oct 27 09:25:06 4 charon: 15[NET] sending packet: from x.x.x.x[500] to y.y.y.y[500]<br>
Oct 27 09:25:06 4 charon: 16[NET] received packet: from y.y.y.y[500] to x.x.x.x[500]<br>Oct 27 09:25:06 4 charon: 16[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]<br>Oct 27 09:25:06 4 charon: 16[IKE] remote host is behind NAT<br>
Oct 27 09:25:06 4 charon: 16[ENC] generating INFORMATIONAL_V1 request 2434938569 [ N(INVAL_KE) ]<br>Oct 27 09:25:06 4 charon: 16[NET] sending packet: from x.x.x.x[500] to y.y.y.y[500]<br><br>So it doesn't connect to server .<br>
<br>Also with certifcate just android (Xauth + rsa) works and IPhone (Cisco Ipsec ) doesn't work <br><br>Where is the problem ? <br><br>Thank you so much <br>