<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi, <br>
Anvar this is log from android :<br>
<span style="font-family: Helvetica, Arial, sans-serif; color: rgb(75, 79, 86); font-size: 12px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(241, 240, 240); text-decoration-style: initial; text-decoration-color: initial;">
Nov 7 15:39:12 00[DMN] Starting IKE charon daemon (strongSwan 5.6.0, Android 8.0.0 - OPR4.170623.009/2017-10-05, Nexus 5X - google/bullhead/LGE, Linux 3.10.73-ga51b1600b7f8, aarch64)</span><br style="color: rgb(75, 79, 86); font-family: Helvetica, Arial, sans-serif; font-size: 12px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(241, 240, 240); text-decoration-style: initial; text-decoration-color: initial;"><span style="font-family: Helvetica, Arial, sans-serif; color: rgb(75, 79, 86); font-size: 12px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(241, 240, 240); text-decoration-style: initial; text-decoration-color: initial;">Nov 7 15:39:12 00[LIB] loaded plugins: androidbridge charon android-log openssl fips-prf random nonce pubkey chapoly curve25519 pkcs1 pkcs8 pem xcbc hmac socket-default revocation eap-identity eap-mschapv2 eap-md5 eap-gtc eap-tls x509</span>
<div class="moz-cite-prefix"><br>
curve25519 loaded <br>
<br>
but on server, charon didn't loading curve so i loaded, and
android can connect now.<br>
<br>
Thanks for help<br>
Rafał<br>
<br>
<br>
W dniu 2017-11-07 o 20:22, Anvar Kuchkartaev pisze:<br>
</div>
<blockquote type="cite"
cite="mid:20171107192225.5648473.69899.15071@anvartay.com">
<div style="width: 100%; font-size: initial; font-family: Calibri,
'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125);
text-align: initial; background-color: rgb(255, 255, 255);">As
far as I know android clients are not supported curve25519.</div>
<div style="width: 100%; font-size: initial; font-family: Calibri,
'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125);
text-align: initial; background-color: rgb(255, 255, 255);"><br
style="display:initial">
</div>
<div style="font-size: initial; font-family: Calibri, 'Slate Pro',
sans-serif, sans-serif; color: rgb(31, 73, 125); text-align:
initial; background-color: rgb(255, 255, 255);">Anvar Kuchkartaev <br>
<a class="moz-txt-link-abbreviated" href="mailto:anvar@anvartay.com">anvar@anvartay.com</a> </div>
<table style="background-color:white;border-spacing:0px;"
width="100%">
<tbody>
<tr>
<td colspan="2" style="font-size: initial; text-align:
initial; background-color: rgb(255, 255, 255);">
<div style="border-style: solid none none;
border-top-color: rgb(181, 196, 223); border-top-width:
1pt; padding: 3pt 0in 0in; font-family: Tahoma, 'BB
Alpha Sans', 'Slate Pro'; font-size: 10pt;">
<div><b>From: </b>Rafał Sanocki</div>
<div><b>Sent: </b>martes, 7 de noviembre de 2017 05:19
p.m.</div>
<div><b>To: </b><a class="moz-txt-link-abbreviated" href="mailto:users@lists.strongswan.org">users@lists.strongswan.org</a></div>
<div><b>Subject: </b>[strongSwan] CURVE_25519
inacceptable</div>
</div>
</td>
</tr>
</tbody>
</table>
<br>
<div id="_originalContent" style="background-color: rgb(255, 255,
255);">
<meta http-equiv="content-type" content="text/html;
charset=utf-8">
<font size="-1"><tt>Hi,<br>
<br>
I try connect client :<br>
strongSwan 5.6.0, Android 8.0.0 -
OPR4.170623.009/2017-10-05, Nexus 5X - google/bullhead/LGE,
Linux 3.10.73-ga51b1600b7f8, aarch64<br>
<br>
server:<br>
ipsec version Linux strongSwan U5.6.0/K4.13.2<br>
<br>
connection type<br>
<br>
conn vpn-ikev2<br>
keyexchange=ikev2<br>
type=transport<br>
left=13.41.7.54<br>
leftcert=proxu.s.cert<br>
<a class="moz-txt-link-abbreviated"
href="mailto:leftid=@proxy.domain.com"
moz-do-not-send="true">leftid=@proxy.domain.com</a><br>
right=%any<br>
rightca=@#0b:c3:d4:33:....<br>
authby=rsasig<br>
keyingtries=%forever<br>
leftsubnet=0.0.0.0/0<br>
rightdns=192.168.0.2<br>
rightrsasigkey=%cert<br>
<br>
conn vpn-ikev2-android<br>
<------>also="vpn-ikev2"<br>
rightid="C=PL, ST=Malopolska, O=Test, OU=Sec man, <a
class="moz-txt-link-abbreviated"
href="mailto:CN=androidclient@domain.com"
moz-do-not-send="true">CN=androidclient@domain.com</a>, <a
class="moz-txt-link-abbreviated"
href="mailto:E=android@domain.com" moz-do-not-send="true">E=android@domain.com</a>"<br>
auto=add<br>
rightsourceip=192.168.0.100/32<br>
<br>
<br>
Windows clients can connect well, but when android trying i
have error in logs<br>
<br>
</tt><tt>charon: 10[IKE] DH group CURVE_25519 inacceptable,
requesting CURVE_25519<br>
<br>
what that mean curve_25519 != curve_25519??<br>
<br>
</tt></font><br>
<pre wrap="">Every helpful hint would be highly appreciated.
Rafał
</pre>
<font size="-1"><tt><br>
<br>
<br>
<br>
</tt></font> <br>
<!--end of _originalContent --></div>
</blockquote>
<br>
</body>
</html>