<div dir="ltr">Hi Tobias,<div><br></div><div>That was it, the client was not expecting a certificate from the server side!</div><div>Thanks for all the help.</div><div><br></div><div>BR,</div><div>Giorgos</div></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Dec 6, 2018 at 10:15 AM Tobias Brunner <<a href="mailto:tobias@strongswan.org">tobias@strongswan.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Giorgos,<br>
<br>
> I am trying to connect my galaxy s9+ via the native IKEv2 client to a<br>
> strong swan server of mine via IKEv2-PSK.<br>
<br>
That's not exactly what you are doing. From the server's perspective<br>
you are using a PSK only to authenticate the client (rightauth), the<br>
server is authenticated with a certificate (leftauth, defaults to pubkey<br>
and you also load a certificate). Maybe the client expects the server<br>
to authenticate with a PSK too, or it doesn't trust the server cert, or<br>
the identity doesn't match. Anyway, without client log it's difficult<br>
to say what its reason for returning an AUTH_FAILED notify is.<br>
<br>
Regards,<br>
Tobias<br>
</blockquote></div>