<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi all, <br>
I hope you can help me with my Strongswan Configuration. The goal is
to have a VPN Server for my Smartphone (Android) and my Computer
(Ubuntu) in America. (I am from Germany)<br>
The problem is that I can't connect to the server. Because of this
syslog (Server) message I think thats a problem with the
configuration.<br>
<blockquote><small>Jun 1 20:33:49 ip-172-31-56-231 charon: 12[NET]
received packet: from X.X.X.X[53089] to 172.31.56.231[500] (1302
bytes)<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] parsed
AGGRESSIVE request 0 [ SA KE No ID V V V V V V V V V ]<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received XAuth
vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received Cisco
Unity vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received NAT-T
(RFC 3947) vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-03 vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-02\n vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-02 vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] received
unknown vendor ID:
16:f6:ca:16:e4:a4:06:6d:83:82:1a:0f:0a:ea:a8:62<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-00 vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received DPD
vendor ID<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] X.X.X.X is
initiating a Aggressive Mode IKE_SA<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[CFG] looking for
XAuthInitPSK peer configs matching
172.31.56.231...X.X.X.X[fabian]<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] no peer config
found<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] generating
INFORMATIONAL_V1 request 2765535231 [ N(AUTH_FAILED) ]<br>
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[NET] sending packet:
from 172.31.56.231[500] to X.X.X.X[53089] (56 bytes)</small><br>
</blockquote>
My configuration files:<br>
<i>/etc/ipsec.secret:<br>
</i>
<blockquote><small>172.31.56.231 %any : PSK "PASSWORD"</small><br>
<small>fabian : XAUTH "PASSWORD"</small><br>
</blockquote>
<i>/etc/ipsec.conf</i><i><small>:</small></i><br>
<blockquote><small>conn fabian<br>
keyexchange=ikev1<br>
authby=xauthpsk<br>
xauth=server<br>
left=%defaultroute<br>
leftsubnet=0.0.0.0/0<br>
leftfirewall=yes<br>
right=%any<br>
rightsubnet=192.168.201.0/24<br>
rightsourceip=192.168.201.1/24<br>
rightdns=8.8.8.8<br>
auto=add<br>
leftauth=psk<br>
rightauth=psk<br>
rightauth2=xauth<br>
</small></blockquote>
On my computer I use vpnc (network-manager-vpnc-gnome) for the
connection.<br>
<i>syslog from the computer:<br>
</i>
<blockquote><small><i>Jun 1 22:38:26 Fabian-PC NetworkManager[918]:
<info> [1464813506.8417] audit:
op="connection-activate"
uuid="821a00af-dd54-41c8-8715-552e9f5bef00" name="Amazon AWS"
pid=2256 uid=1000 result="success"<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8446]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: Started the VPN service, PID 7945<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8568]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: Saw the service appear; activating connection<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8575]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: init (1)<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: ** Message:
vpnc started with pid 7956<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9468]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: starting (3)<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9468]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN connection: (ConnectInteractive) reply received<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9576] manager: (tun0): new Tun device
(/org/freedesktop/NetworkManager/Devices/14)<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9634] devices added (path:
/sys/devices/virtual/net/tun0, iface: tun0)<br>
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9636] device added (path:
/sys/devices/virtual/net/tun0, iface: tun0): no ifupdown
configuration found.<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: /usr/sbin/vpnc:
response was invalid [1]: (ISAKMP_N_INVALID_EXCHANGE_TYPE)(7)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.0979] devices removed (path:
/sys/devices/virtual/net/tun0, iface: tun0)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: **
(nm-vpnc-service:7945): WARNING **: vpnc exited with error
code 1<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <warn>
[1464813507.1125]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: failed: connect-failed (1)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <warn>
[1464813507.1127]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: failed: connect-failed (1)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1128]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: stopping (5)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1128]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: stopped (6)<br>
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1133]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state change reason: unknown (0)</i></small><br>
</blockquote>
<br>
I hope that you can help me with this issue.<br>
<br>
Thank you for a hint,<br>
Fabian<br>
</body>
</html>