Hi Tobias,<br> I have attached decoded IKEV2 AUTH packet for your reference. It seems ,Client is sending a valid identity payload with identification data to strongswan.<br>But Strongswan is showing client identification information as NULL in the logs and sending authentication failure payload.<br>
<br>Please help me to solve this problem.<br><br>Regards,<br>Saravanan N<br><div class="gmail_quote">On Thu, Oct 4, 2012 at 5:33 PM, Tobias Brunner <span dir="ltr"><<a href="mailto:tobias@strongswan.org" target="_blank">tobias@strongswan.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,<br>
<div class="im"><br>
> Oct 1 14:42:26 localhost charon: 13[ENC] parsed IKE_AUTH request 1 [<br>
> IDi CERT CERTREQ AUTH SA TSi TSr ]<br>
</div>> ...<br>
<div class="im">> Oct 1 14:42:26 localhost charon: 13[CFG] looking for peer configs<br>
> matching 35.0.0.2[%any]...35.0.0.1[]<br>
<br>
</div>Your client seemed have sent an empty IDi payload (seen as [] above),<br>
which will not match with the config where you configured<br>
<br>
> conn site-site<br>
> ...<br>
> rightid="C=CH, O=strongswan, CN=iss"<br>
> ...<br>
<br>
What did you configure on the client?<br>
<br>
Regards,<br>
Tobias<br>
</blockquote></div><br>