[strongSwan] No acceptable DIFFIE_HELLMAN_GROUP found

Andreas Steffen andreas.steffen at strongswan.org
Mon Nov 15 20:56:18 CET 2010

Hi Bill,

the error message on the Mocana side is:

   AUTH_ALG missing

Section 8 "IKEv2 Algorithm Selection" of RFC 5282


explicitly states:

   This document updates [RFC4306] to
   require that when an authenticated encryption algorithm is selected
   as the encryption algorithm for any SA (IKE or ESP), an integrity
   algorithm MUST NOT be selected for that SA.

Thus Mocana probably does not implement RFC 5282 correctly by
expecting an authentication algorithm.

Kind regards


On 11/15/2010 08:09 PM, William Greene wrote:
> Andreas,
> My apologies as my last email was incorrect.  My test set up got
> blinkered some how and the error TS_UNACCEPTABLE was well...   incorrect.
> I have fixed my set up and I'm back to getting "received
> NO_PROPOSAL_CHOSEN notify, no CHILD_SA built", but it is now getting
> farther.  Your previous suggestion of using
> "esp=aes256gcm16-modp1024-modp2048,aes128gcm16-modp1024-modp2048!"
> solved my "no acceptable DIFFIE_HELLMAN_GROUP found".  But still the
> ipsec connect eludes me.
> On the mocana side I can see in the logs:
>   I -->
>    TSi: icmp
>    TSr: icmp
>  spi={1f4d8f80069c25cf 6cfe69d01046128a} np=E{N}
>  exchange=CREATE_CHILD_SA msgid=1 len=396
> SEND 396 bytes to[500] (2229.766)
> RECV 348 bytes from[500] at (2229.794)
>  spi={1f4d8f80069c25cf 6cfe69d01046128a} np=E{N}
>  exchange=CREATE_CHILD_SA msgid=1 len=348
>   I <--
>     Proposal #1: ESP[3] spi=ca883928
>      ENCR_AES_GCM_16 256-BITS
>      DH_2
>      ESN_0
>      *AUTH_ALG missing*
>   CHILD_SA failed [v2 I], status = -8961
> The mocana side is configured for gcm and sha256.  I've tried inserting
> "-sha256" to the esp line in Strongswan's ipsec.conf file and restarting
> ipsec.  No luck as sha265 never shows up in the proposals.  I've tried
> setting both sides to use sha1, but have the same negative result.  The
> log from the StrongSwan side:
> Nov 15 13:48:18 05[CFG] received proposals:
> ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/HMAC_SHA1_96/MODP_1024/MODP_768/MODP_1536/MODP_2048/MODP_NONE/NO_EXT_SEQ
> Nov 15 13:48:18 05[CFG] configured proposals:
> ESP:AES_GCM_16_256/MODP_1024/MODP_2048/NO_EXT_SEQ
> Nov 15 13:48:18 05[CFG] selected proposal:
> If I set the mocana side for gcm and any, the ipsec connection comes up
> fine and dandy.  So obviously I must be misconfiguring the StrongSwan
> side?  How do I specify in the ipsec.conf file for the connection to use
> some version of sha, preferably sha256?
> Thanks again for all your help and patience,
> Bill

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list