<html><head></head><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_ym19_1_1461752215426_8104"><br></div><div id="yui_3_16_0_ym19_1_1461752215426_8043"><br></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7817"><span style="font-size: 12pt;" id="yui_3_16_0_ym19_1_1461752215426_7818">Hi,<o:p id="yui_3_16_0_ym19_1_1461752215426_7819"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7820"><span style="font-size: 12pt;" id="yui_3_16_0_ym19_1_1461752215426_7821"> </span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7822"><span style="font-size:12.0pt;mso-fareast-font-family:"Times New Roman";mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin" id="yui_3_16_0_ym19_1_1461752215426_7823">I am using
strongSwan VPN Client google app in an android device (VPN Client) and running
strongswan-5.4.0 on Linux device (VPN Server on Virtual Machine). I am trying
to establish an IKEv2/IPsec tunnel using EAP authentication based on
username/password (EAP-MD5) on client and pubkey on server. Since </span><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7824">For EAP-based authentication, Andorid needs to have just the
correct CA certificate installed.</span> <span style="font-size:12.0pt;mso-bidi-font-family:Calibri;mso-bidi-theme-font:minor-latin" id="yui_3_16_0_ym19_1_1461752215426_7825">Ipsec pki <span style="background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7826"> is used to
generate all certificates. All certificates are imported to Android and installed.
Opted that specific certificate (CA) that was imported.  <o:p id="yui_3_16_0_ym19_1_1461752215426_7827"></o:p></span></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7828"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7829"><o:p id="yui_3_16_0_ym19_1_1461752215426_7830"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7831"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7832">The error (in Charon log)  on Android device says that, “no issuer
certificate found for “C=NL, O-Example Company, CN=vpn.example.org”<o:p id="yui_3_16_0_ym19_1_1461752215426_7833"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7834"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7835">No trusted RSA public key found for “C=NL,
O-Example Company, CN=vpn.example.org”.<o:p id="yui_3_16_0_ym19_1_1461752215426_7836"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7837"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7838"><o:p id="yui_3_16_0_ym19_1_1461752215426_7839"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7840"><u id="yui_3_16_0_ym19_1_1461752215426_7841"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7842">Charon log on VPN Server<o:p id="yui_3_16_0_ym19_1_1461752215426_7843"></o:p></span></u></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7844"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7845"><o:p id="yui_3_16_0_ym19_1_1461752215426_7846"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7847"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7848">15[CFG] selected peer config
'vpn_server-vpn_client'<o:p id="yui_3_16_0_ym19_1_1461752215426_7849"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7850"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7851">15[IKE] initiating EAP_IDENTITY method (id 0x00)<o:p id="yui_3_16_0_ym19_1_1461752215426_7852"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7853"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7854">15[IKE] received ESP_TFC_PADDING_NOT_SUPPORTED,
not using ESPv3 TFC padding<o:p id="yui_3_16_0_ym19_1_1461752215426_7855"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7856"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7857">15[IKE] peer supports MOBIKE<o:p id="yui_3_16_0_ym19_1_1461752215426_7858"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7859"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7860">15[IKE] authentication of 'C=NL, O=Example
Company, CN=vpn.example.org' (myself) with RSA_EMSA_PKCS1_SHA384 successful<o:p id="yui_3_16_0_ym19_1_1461752215426_7861"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7862"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7863">15[IKE] sending end entity cert "C=NL,
O=Example Company, CN=vpn.example.org"<o:p id="yui_3_16_0_ym19_1_1461752215426_7864"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7865"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7866">15[ENC] generating IKE_AUTH response 1 [ IDr CERT
AUTH EAP/REQ/ID ]<o:p id="yui_3_16_0_ym19_1_1461752215426_7867"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7868"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7869">15[NET] sending packet: from 10.0.131.40[4500] to
192.168.10.59[52848] (2128 bytes)<o:p id="yui_3_16_0_ym19_1_1461752215426_7870"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7871"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7872">14[NET] received packet: from
192.168.10.59[52848] to 10.0.131.40[4500] (80 bytes)<o:p id="yui_3_16_0_ym19_1_1461752215426_7873"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7874"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7875">14[ENC] parsed INFORMATIONAL request 2 [
N(AUTH_FAILED) ]<o:p id="yui_3_16_0_ym19_1_1461752215426_7876"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7877"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7878">14[ENC] generating INFORMATIONAL response 2 [
N(AUTH_FAILED) ]<o:p id="yui_3_16_0_ym19_1_1461752215426_7879"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7880"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7881">14[NET] sending packet: from 10.0.131.40[4500] to
192.168.10.59[52848] (80 bytes)<o:p id="yui_3_16_0_ym19_1_1461752215426_7882"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7883"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7884"><o:p id="yui_3_16_0_ym19_1_1461752215426_7885"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7886"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7887">I generated certificate as stated below<o:p id="yui_3_16_0_ym19_1_1461752215426_7888"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7889"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7890"><o:p id="yui_3_16_0_ym19_1_1461752215426_7891"> </o:p></span></div><div id="yui_3_16_0_ym19_1_1461752215426_7892"><span style="font-size:12.0pt;line-height:115%" id="yui_3_16_0_ym19_1_1461752215426_7893">ipsec pki
--gen --type rsa --size 4096 --outform pem > private/strongswanKey.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7894"></o:p></span></div><div id="yui_3_16_0_ym19_1_1461752215426_7895"><span style="font-size:12.0pt;line-height:115%" id="yui_3_16_0_ym19_1_1461752215426_7896">ipsec pki
--self --ca --lifetime 3650 --in private/strongswanKey.pem --type rsa --dn
"C=NL, O=Example Company, CN=strongSwan Root CA" --outform pem >
cacerts/strongswanCert.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7897"></o:p></span></div><div id="yui_3_16_0_ym19_1_1461752215426_7898"><span style="font-size:12.0pt;line-height:115%" id="yui_3_16_0_ym19_1_1461752215426_7899">ipsec pki
--gen --type rsa --size 4096 --outform pem > private/vpnHostKey.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7900"></o:p></span></div><div id="yui_3_16_0_ym19_1_1461752215426_7901"><span style="font-size:12.0pt;line-height:115%" id="yui_3_16_0_ym19_1_1461752215426_7902">ipsec pki
--pub --in private/vpnHostKey.pem --type rsa | ipsec pki --issue --lifetime 730
--cacert cacerts/strongswanCert.pem --cakey private/strongswanKey.pem --dn
"C=NL, O=Example Company, CN=vpn.example.org" --san vpn.example.com
--san vpn.example.net --san 172.19.134.4 
--san @172.19.134.4 --flag serverAuth --flag ikeIntermediate --outform
pem > certs/vpnHostCert.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7903"></o:p></span></div><div id="yui_3_16_0_ym19_1_1461752215426_7904"><span style="font-size:12.0pt;line-height:115%" id="yui_3_16_0_ym19_1_1461752215426_7905">openssl
pkcs12 -in certs/vpnHostCert.pem -inkey private/vpnHostKey.pem -certfile
cacerts/strongswanCert.pem -export -out peer.p12<o:p id="yui_3_16_0_ym19_1_1461752215426_7906"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7907"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7908"> <o:p id="yui_3_16_0_ym19_1_1461752215426_7909"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7910"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7911">ipsec.secrets (at VPN Server)<o:p id="yui_3_16_0_ym19_1_1461752215426_7912"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7913"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7914"><o:p id="yui_3_16_0_ym19_1_1461752215426_7915"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7916"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7917">: RSA /etc/ipsec.d/private/vpnHostKey.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7918"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7919"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7920">user : EAP "strongSwan"<o:p id="yui_3_16_0_ym19_1_1461752215426_7921"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7922"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7923"><o:p id="yui_3_16_0_ym19_1_1461752215426_7924"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7925"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7926"><o:p id="yui_3_16_0_ym19_1_1461752215426_7927"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7928"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7929">conn %default<o:p id="yui_3_16_0_ym19_1_1461752215426_7930"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7931"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7932">       
ikelifetime=60m<o:p id="yui_3_16_0_ym19_1_1461752215426_7933"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7934"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7935">       
keylife=20m<o:p id="yui_3_16_0_ym19_1_1461752215426_7936"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7937"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7938">       
rekeymargin=3m<o:p id="yui_3_16_0_ym19_1_1461752215426_7939"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7940"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7941">       
keyingtries=1<o:p id="yui_3_16_0_ym19_1_1461752215426_7942"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7943"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7944"><o:p id="yui_3_16_0_ym19_1_1461752215426_7945"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7946"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7947">ipsec.conf (at VPN Server)<o:p id="yui_3_16_0_ym19_1_1461752215426_7948"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7949"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7950"><o:p id="yui_3_16_0_ym19_1_1461752215426_7951"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7952"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7953">conn vpn_server-vpn_client<o:p id="yui_3_16_0_ym19_1_1461752215426_7954"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7955"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7956"><o:p id="yui_3_16_0_ym19_1_1461752215426_7957"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7958"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7959">       
left=10.0.131.40<o:p id="yui_3_16_0_ym19_1_1461752215426_7960"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7961"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7962">       
leftfirewall=yes<o:p id="yui_3_16_0_ym19_1_1461752215426_7963"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7964"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7965">       
leftsubnet = %any<o:p id="yui_3_16_0_ym19_1_1461752215426_7966"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7967"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7968">       
leftprotoport=1<o:p id="yui_3_16_0_ym19_1_1461752215426_7969"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7970"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7971">       
rightprotoport=1<o:p id="yui_3_16_0_ym19_1_1461752215426_7972"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7973"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7974">       
right=%any       <o:p id="yui_3_16_0_ym19_1_1461752215426_7975"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7976"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7977">       
rightauth=eap-md5<o:p id="yui_3_16_0_ym19_1_1461752215426_7978"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7979"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7980">        rightsendcert=never        <o:p id="yui_3_16_0_ym19_1_1461752215426_7981"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7982"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7983">       
leftcert=vpnHostCert.pem<o:p id="yui_3_16_0_ym19_1_1461752215426_7984"></o:p></span></div><div style="margin-bottom: 0.0001pt; text-indent: 0.5in;" id="yui_3_16_0_ym19_1_1461752215426_7985"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7986">leftauth=pubkey<o:p id="yui_3_16_0_ym19_1_1461752215426_7987"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7988"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7989">       
eap_identity=%any<o:p id="yui_3_16_0_ym19_1_1461752215426_7990"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7991"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7992">       
leftsubnet=0.0.0.0/0<o:p id="yui_3_16_0_ym19_1_1461752215426_7993"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7994"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7995">       
rightsourceip = 10.0.3.15/32<o:p id="yui_3_16_0_ym19_1_1461752215426_7996"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_7997"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_7998">       
type=tunnel<o:p id="yui_3_16_0_ym19_1_1461752215426_7999"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8000"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8001">       
keyexchange=ikev2<o:p id="yui_3_16_0_ym19_1_1461752215426_8002"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8003"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8004">       
esp=aes128-sha1<o:p id="yui_3_16_0_ym19_1_1461752215426_8005"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8006"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8007">       
rekey=no<o:p id="yui_3_16_0_ym19_1_1461752215426_8008"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8009"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8010">       
reauth=no<o:p id="yui_3_16_0_ym19_1_1461752215426_8011"></o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8012"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8013"><o:p id="yui_3_16_0_ym19_1_1461752215426_8014"> </o:p></span></div><div style="margin-bottom: 0.0001pt;" id="yui_3_16_0_ym19_1_1461752215426_8015"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8016">Regards,<o:p id="yui_3_16_0_ym19_1_1461752215426_8017"></o:p></span></div><div>



































































































































</div><div style="margin-bottom: 0.0001pt;" dir="ltr" id="yui_3_16_0_ym19_1_1461752215426_8018"><span style="font-size: 12pt; background-image: initial; background-attachment: initial; background-size: initial; background-origin: initial; background-clip: initial; background-position: initial; background-repeat: initial;" id="yui_3_16_0_ym19_1_1461752215426_8019">Chinmaya<o:p id="yui_3_16_0_ym19_1_1461752215426_8020"></o:p></span></div></div></body></html>