<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div id="yiv1940551045"><div><div style="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); font-family: 'times new roman', 'new york', times, serif; font-size: 12pt;"><div id="yiv1940551045yui_3_7_2_38_1377568206375_40">Helo Everyone,</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_69"><br id="yiv1940551045yui_3_7_2_38_1377568206375_74"></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;" id="yiv1940551045yui_3_7_2_38_1377568206375_71">I have two machines one Ubunto 12.0 with strongSwan 4.5.2.1 and one a Openwrt router running strongswan 5.0.4.1.</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_76" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif;
background-color: transparent; font-style: normal;"><br id="yiv1940551045yui_3_7_2_38_1377568206375_81"></div><div id="yiv1940551045yui_3_7_2_38_1377568206375_78" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;">I am configuring a simple host-host topology with secret key ( password). I ran >>ipsec start --nofork on ubuntu machine and >>ipsec up conn on Openwrt router .You can see below that I get error of No_PROPOSAL_CHOSEN.</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_88" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;">I haven't set any ike and esp and I chose ikev2. Do I need to chose some specefic esp/ike for both sides? I though by default they should be able to select proper
protocol.</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_99" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;"><br id="yiv1940551045yui_3_7_2_38_1377568206375_104"></div><div id="yiv1940551045yui_3_7_2_38_1377568206375_101" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;">Or there is something else missing here.</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_106" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;"><br id="yiv1940551045yui_3_7_2_38_1377568206375_111"></div><div id="yiv1940551045yui_3_7_2_38_1377568206375_108" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif;
background-color: transparent; font-style: normal;">Appreciet yor help.</div><div id="yiv1940551045yui_3_7_2_38_1377568206375_113" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;">Farid<br id="yiv1940551045yui_3_7_2_38_1377568206375_63"></div><div style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;" id="yiv1940551045yui_3_7_2_38_1377568206375_59"><br id="yiv1940551045yui_3_7_2_38_1377568206375_67"></div><div id="yiv1940551045yui_3_7_2_38_1377568206375_64" style="color: rgb(0, 0, 0); font-size: 16px; font-family: 'times new roman', 'new york', times, serif; background-color: transparent; font-style: normal;">resasalehi@CLD-WKSRSALEH2:~/Desktop/svn/lmu5000-base$ sudo ipsec start --nofork<br>Starting strongSwan 4.5.2 IPsec [starter]...<br>00[DMN]
Starting IKEv2 charon daemon (strongSwan 4.5.2)<br>00[KNL] listening on interfaces:<br>00[KNL] eth0<br>00[KNL] 192.168.1.209<br>00[KNL] fe80::20a:f7ff:fe09:720f<br>00[KNL] eth3<br>00[KNL] 192.168.45.160<br>00[KNL] fe80::b6b5:2fff:fed9:4f88<br>00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'<br>00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'<br>00[CFG] loading
ocsp signer certificates from '/etc/ipsec.d/ocspcerts'<br>00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'<br>00[CFG] loading crls from '/etc/ipsec.d/crls'<br>00[CFG] loading secrets from '/etc/ipsec.secrets'<br>00[CFG] loaded IKE secret for @lmu209 @lmu55 <br>00[CFG] sql plugin: database URI not set<br>00[LIB] plugin 'sql': failed to load - sql_plugin_create returned NULL<br>00[CFG] loaded 0 RADIUS server configurations<br>00[LIB] plugin 'medsrv' failed to load: /usr/lib/ipsec/plugins/libstrongswan-medsrv.so: cannot open shared object file: No such file or directory<br>00[CFG] mediation client database URI not defined, skipped<br>00[LIB] plugin 'medcli': failed to load - medcli_plugin_create returned NULL<br>00[CFG] HA config misses local/remote address<br>00[LIB] plugin 'ha': failed to load - ha_plugin_create returned NULL<br>00[DMN] loaded plugins: test-vectors curl ldap aes des sha1 sha2 md5 random x509
revocation constraints pubkey pkcs1 pgp pem openssl fips-prf gmp agent pkcs11 xcbc hmac ctr ccm gcm attr kernel-netlink resolve socket-raw farp stroke updown eap-identity eap-aka eap-md5 eap-gtc eap-mschapv2 eap-radius eap-tls eap-ttls eap-tnc nm dhcp led addrblock <br>00[JOB] spawning 16 worker threads<br>charon (24825) started after 40 ms<br>04[CFG] received stroke: add connection 'desktop'<br>04[CFG] left nor right host is our side, assuming left=local<br>04[CFG] added configuration 'desktop'<br>12[NET] received packet: from 192.168.1.55[500] to 192.168.1.209[500]<br>12[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]<br>12[IKE] no IKE config found for 192.168.1.209...192.168.1.55, sending NO_PROPOSAL_CHOSEN<br>12[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]<br>12[NET] sending packet: from 192.168.1.209[500] to 192.168.1.55[500]<br><br></div></div></div></div></div></body></html>