[strongSwan-dev] PSEUDO_RANDOM_FUNCTION PRF_AES128_XCBC not supported!
siddesh r
siddu049 at gmail.com
Mon May 30 10:51:30 CEST 2016
Hi
I using below transform set for ikev2
conn net-net
left=192.168.2.1
leftauth=psk
leftsubnet=22.1.0.0/16
leftid=192.168.2.1
leftfirewall=no
right=192.168.2.2
rightauth=psk
rightsubnet=22.2.0.0/16
rightid=192.168.2.2
ike=aes128-aesxcbc-modp2048!
auto=add
And getting the below error, could any one let me know whether there is
anything wrong in the configuration
May 30 14:16:17 bgl-mitg-sim481 charon: 02[IKE] initiating IKE_SA
net-net[2] to 192.168.2.2
May 30 14:16:17 bgl-mitg-sim481 charon: 02[ENC] generating IKE_SA_INIT
request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
May 30 14:16:17 bgl-mitg-sim481 charon: 02[NET] sending packet: from
192.168.2.1[500] to 192.168.2.2[500]
May 30 14:16:17 bgl-mitg-sim481 charon: 10[NET] received packet: from
192.168.2.2[500] to 192.168.2.1[500]
May 30 14:16:17 bgl-mitg-sim481 charon: 10[ENC] parsed IKE_SA_INIT response
0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
May 30 14:16:17 bgl-mitg-sim481 charon: 10[IKE] PSEUDO_RANDOM_FUNCTION
PRF_AES128_XCBC not supported!
May 30 14:16:17 bgl-mitg-sim481 charon: 10[IKE] key derivation failed.
Thanks in advance,
Siddesh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160530/67d61be3/attachment.html>
More information about the Dev
mailing list