<div dir="ltr"><div><div><br clear="all"></div>Hi, I'm trying to connect win7 ikev2 with strongswan. <br></div><div>Win7 hangs on verifying username and password and strongswan ipsec tunnel stays in connecting mode but never goes up. <br>
<div>I've tried mobikey on win-7 enabled and disabled with same results. Both server and client firewalls are disabled.<br>
</div></div><div><br></div><div>I am testing this on Linux strongSwan U5.1.3/K2.6.31.5-127.fc12.i686.PAE, win-7 is Ultimate-64b (6.1, build 7600)<br></div><div><br></div><div>Here are my <a href="http://pastebin.com/T6cwxGV5">swan config files</a> and<a href="http://pastebin.com/2fjsRGCa"> charon log</a>...<br>
</div><div><br>ipsec statusall<br>---------------------<br>Status of IKE charon daemon (weakSwan 5.1.3, Linux 2.6.31.5-127.fc12.i686.PAE, i686):<br> uptime: 19 seconds, since Apr 28 12:22:01 2014<br> malloc: sbrk 245760, mmap 0, used 129896, free 115864<br>
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 1<br> loaded plugins: charon curl aes des sha1 sha2 md4 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default attr unity xauth-generic eap-identity eap-mschapv2<br>
Virtual IP pools (size/online/offline):<br> <a href="http://172.16.1.11">172.16.1.11</a>: 1/0/0<br>Listening IP addresses:<br> 134.202.84.62<br> 172.16.1.10<br>Connections:<br> rw_win7: 134.202.84.62...%any IKEv2, dpddelay=300s<br>
rw_win7: local: [134.202.84.62] uses pre-shared key authentication<br> rw_win7: remote: uses EAP_MSCHAPV2 authentication with EAP identity '%any'<br> rw_win7: child: <a href="http://172.16.1.0/24[udp/l2tp]">172.16.1.0/24[udp/l2tp]</a> === dynamic[udp] TUNNEL, dpdaction=clear<br>
Security Associations (0 up, 1 connecting):<br> rw_win7[1]: CONNECTING, 134.202.84.62[134.202.84.62]...134.202.84.63[134.202.84.63]<br> rw_win7[1]: IKEv2 SPIs: 35a502746b35cd39_i 8253db86942f3f5f_r*<br> rw_win7[1]: IKE proposal: AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024<br>
rw_win7[1]: Tasks passive: IKE_CERT_PRE IKE_AUTH IKE_CERT_POST IKE_CONFIG CHILD_CREATE IKE_AUTH_LIFETIME IKE_MOBIKE <br><br></div></div>