<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:10px"><div id="yui_3_16_0_1_1438765735540_4601"><span>Thanks Noel for the reply. So Do you mean that "authyby=secret" is same as "left | rightauth=psk"</span></div><div id="yui_3_16_0_1_1438765735540_5422"><br><span></span></div><div id="yui_3_16_0_1_1438765735540_5421"><span id="yui_3_16_0_1_1438765735540_5420">Regards</span></div><div id="yui_3_16_0_1_1438765735540_4990"><span id="yui_3_16_0_1_1438765735540_5419">Ashok</span></div>  <br><div class="qtdSeparateBR"><br><br></div><div style="display: block;" class="yahoo_quoted"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 10px;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif; font-size: 16px;"> <div dir="ltr"> <font face="Arial" size="2"> On Tuesday, 4 August 2015 5:18 PM, Noel Kuntze <noel@familie-kuntze.de> wrote:<br> </font> </div>  <br><br> <div class="y_msg_container"><br clear="none">-----BEGIN PGP SIGNED MESSAGE-----<br clear="none">Hash: SHA256<br clear="none"><br clear="none">Hello Ashok<br clear="none"><br clear="none">conn %default != conn default<br clear="none"><br clear="none">Mit freundlichen Grüßen/Kind Regards,<br clear="none">Noel Kuntze<br clear="none"><br clear="none">GPG Key ID: 0x63EC6658<br clear="none">Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br clear="none"><br clear="none">Am 04.08.2015 um 12:05 schrieb ashok kj:<br clear="none">> Thanks Tobias,<br clear="none">><br clear="none">> I was under the impression authby=secret will be same as left|rightauth=psk.<br clear="none">> Thanks for your perfect shot.<br clear="none">><br clear="none">> Regards<br clear="none">> Ashok<br clear="none">><br clear="none">><br clear="none">><br clear="none">> On Tuesday, 4 August 2015 2:22 PM, Tobias Brunner <<a shape="rect" ymailto="mailto:tobias@strongswan.org" href="mailto:tobias@strongswan.org">tobias@strongswan.org</a>> wrote:<br clear="none">><br clear="none">><br clear="none">> Hi Ashok,<br clear="none">><br clear="none">> > I am trying to establish simple PSK IPSec session between 2 ubuntu systems.<br clear="none">> ><br clear="none">> > ...<br clear="none">> > Aug  3 19:15:55 user-Lenovo-Product charon: 14[IKE] no private key found for 'moon.strongswan.org'<br clear="none">> > ...<br clear="none">> ><br clear="none">> > May I know what am I missing?<br clear="none">><br clear="none">> A lesson in reading the log and status output perhaps ;-)  The log<br clear="none">> message above indicates that the daemon does not find a _private_ key,<br clear="none">> not a _shared_ key.  That's because the connection is set to use public<br clear="none">> key authentication, not pre-shared key authentication, as can be seen in<br clear="none">> the output here:<br clear="none">><br clear="none">> > <a shape="rect" ymailto="mailto:root@user-Lenovo-Product" href="mailto:root@user-Lenovo-Product">root@user-Lenovo-Product</a> <mailto:<a shape="rect" ymailto="mailto:root@user-Lenovo-Product" href="mailto:root@user-Lenovo-Product">root@user-Lenovo-Product</a>>:/home/user# ipsec statusall<br clear="none">> > ...<br clear="none">> >        home:  192.168.1.5...192.168.1.16  IKEv1/2<br clear="none">> >        home:  local:  [moon.strongswan.org] uses public key authentication<br clear="none">> >        home:  remote: [<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a> <mailto:<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a>>] uses public key authentication<br clear="none">><br clear="none">> This is, of course, due to the `left|rightauth=psk` options you<br clear="none">> commented out in ipsec.conf (the default is `pubkey`):<br clear="none">><br clear="none">><br clear="none">> > conn home<br clear="none">> >        left=192.168.1.5<br clear="none">> >        leftid=@moon.strongswan.org<br clear="none">> > #        leftauth=psk<br clear="none">> > #      leftauth=pubkey<br clear="none">> >        leftsubnet=192.168.1.5/32<br clear="none">> >        leftfirewall=yes<br clear="none">> >        right=192.168.1.16<br clear="none">> >        rightid=<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a> <mailto:<a shape="rect" ymailto="mailto:ashok@strongswan.org" href="mailto:ashok@strongswan.org">ashok@strongswan.org</a>><div class="yqt0402198306" id="yqtfd33843"><br clear="none">> >        rightsubnet=192.168.1.16/32<br clear="none">> > #        rightauth=psk<br clear="none">> >        ike=3des-md5-modp768!<br clear="none">> >        esp=aes128-sha1-modp1024!<br clear="none">> > #        auto=add<br clear="none">> >        auto=start<br clear="none">><br clear="none">> Regards,<br clear="none">><br clear="none">> Tobias</div><br clear="none">><br clear="none">><br clear="none">><br clear="none">><br clear="none">><br clear="none">><br clear="none">> _______________________________________________<br clear="none">> Users mailing list<br clear="none">> <a shape="rect" ymailto="mailto:Users@lists.strongswan.org" href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br clear="none">> <a shape="rect" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br clear="none"><br clear="none">-----BEGIN PGP SIGNATURE-----<br clear="none">Version: GnuPG v2<br clear="none"><br clear="none">iQIcBAEBCAAGBQJVwKZyAAoJEDg5KY9j7GZYbGoQAIiUzSwVzI9D+dk9peZKe0t6<br clear="none">Iaf4RvQ5YOuqfJhYgohwjitkz4l6QLQvh76RXTSsphVVZwaxEfVoI03H0jIxeyjB<br clear="none">RFRC+pKlTk2xRV+9CfKqY6FvUS7bTi8JBZ3CkEAHbzF+9BBFNgdIWSQpuWWZaAnC<br clear="none">EiWRYzFa6n/WQ2snPBT23uyyXNp9shdLfnR9NES5dP6KFuOXZv6Jagk7/KeqhGvO<br clear="none">7dZ0fb0R/WmKUkIZLRZJQM1lws80WrFDJWqkoErUl3Cr21K6y71zhQFxMFS78Xqz<br clear="none">+FzUltrVYCCK81cz50vbpG66BirAZckPPlwMyZ3xqP8e55ZmjdC5U4siGtfst9gi<br clear="none">UrzFNra2S8eYjjkoNuUZB33X8+tb+/ioBPj9wSVxdxaxSOI3Lm9I1LMAP+pEuHJ1<br clear="none">Y70egO1kQzaiic8lxt0YHJNqi7ZpfPSWBLsH8c1C09i13ZRbqhDKrVgBhZxRe5Jr<br clear="none">BPTL2Dn5A6YQ2OBhQpjjEQYaVu64r2N6QtjRl/B+6gpCd/eRk6t/jSrKheuRnERj<br clear="none">rLGrbODuOC5U+XwJMSYQK/L2lBuDvQtvFyIWUcfhq6i31molLFletMAzevwM3IRY<br clear="none">gYaIcjCuh7BHFxJk7MtzqcRVW1wYLzgrerUHLJp9iGocgcanJSE2sSDv11IX2MKi<br clear="none">gLBItOXbZPJJmaxRnceg<br clear="none">=DT47<br clear="none">-----END PGP SIGNATURE-----<div class="yqt0402198306" id="yqtfd65395"><br clear="none"><br clear="none"></div><br><br></div>  </div> </div>  </div></div></body></html>