<div dir="ltr"><div>I reloaded the file and was ablt to get the secret . I get</div><div><br></div><div>[IKE] IKE_SA my-vpn[12] established between locip[locip]...ipsecip[ipsecip]<br>[IKE] scheduling reauthentication in 78158s<br>[IKE] maximum IKE_SA lifetime 86798s<br>[ENC] generating QUICK_MODE request 925866246 [ HASH SA No ID ID ]<br>[NET] sending packet: from locip[500] to ipsecip[500] (172 bytes)<br>[NET] received packet: from ipsecip[500] to locip[500] (108 bytes)<br>[ENC] parsed INFORMATIONAL_V1 request 3675363864 [ HASH N((24576)) ]<br>[IKE] received (24576) notify<br>[NET] received packet: from ipsecip[500] to locip[500] (92 bytes)<br>[ENC] parsed INFORMATIONAL_V1 request 2592328021 [ HASH N(NO_PROP) ]<br>[IKE] received NO_PROPOSAL_CHOSEN error notify</div><div><br></div><div>Does anyone know how I could proceed?<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 19 Aug 2021 at 17:02, Chasing Vega <<a href="mailto:chasingvega8@gmail.com">chasingvega8@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hi</div><div><br></div><div>I have a server which is public and accepts IPsec and am trying to connect to it through strong</div><div><br></div><div>My configuration for strongswan is <br></div><div><br></div><div>connections {<br> my-vpn {<br> remote_addrs = server_publicip<br> version = 1<br> proposals = aes256-sha-modp1024<br> reauth_time = 1440m<br> local {<br> auth = psk<br> id = loc<br> }<br> remote {<br> # id field here is inferred from the remote address<br> auth = psk<br> id = sec<br> }<br> children {<br> my-vpn-1 {<br> local_ts = local_public_ip<br> remote_ts = server_public_ip<br> mode = transport<br> esp_proposals = aes256-sha-modp1024<br> rekey_time = 60m<br> start_action = trap<br> dpd_action = restart<br> }<br> }<br> }<br><br>}<br>secrets {<br> ike-my-vpn-1 {<br> id-1 = loc<br> id-2 = sec<br> secret = "This is a strong password"<br> }<br>}</div><div><br></div><div>When I try to run strongswan I get</div><div><br></div><div>[IKE] initiating Main Mode IKE_SA my-vpn[49] to serveraddr<br>[ENC] generating ID_PROT request 0 [ SA V V V V V ]<br>[NET] sending packet: from locip[500] to serveraddr[500] (184 bytes)<br>[NET] received packet: from serveraddr[500] to locip[500] (108 bytes)<br>[ENC] parsed ID_PROT response 0 [ SA V ]<br>[IKE] received NAT-T (RFC 3947) vendor ID<br>[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024<br>[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]<br>[NET] sending packet: from locip[500] to serveraddr[500] (244 bytes)<br>[NET] received packet: from serveraddr[500] to locip[500] (304 bytes)<br>[ENC] parsed ID_PROT response 0 [ KE No V V V V NAT-D NAT-D ]<br>[IKE] received Cisco Unity vendor ID<br>[IKE] received DPD vendor ID<br>[ENC] received unknown vendor ID: 5d:4b:ac:66:6b:54:71:15:4b:07:98:9c:05:7e:be:f2<br>[IKE] received XAuth vendor ID<br>[IKE] no shared key found for 'loc'[locip] - 'sec'[serveraddr]<br>[IKE] no shared key found for locip - serveraddr<br>[ENC] generating INFORMATIONAL_V1 request 1109914452 [ N(INVAL_KE) ]<br>[NET] sending packet: from locip[500] to serveraddr[500] (56 bytes)</div><div><br></div><div><br></div><div>Does anyone have suggestion?<br></div></div>
</blockquote></div>