[strongSwan] "peer not responding, try again"

Meera Sudhakar mira.sudhakar at gmail.com
Wed Mar 9 08:08:38 CET 2011 

Hi,

I am new to strongswan, and would really appreciate some help in setting up
the SAs. For some reason, packets being sent are not being received by the
other machine. After retries, it says "peer not responding, try again".
Please fine below an excerpt of my log file:

Mar  9 13:25:59 cip-Latitude-D520 charon: 06[CFG] received stroke: add
connection 'sample-with-ca-cert'
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[CFG]   loaded certificate
"C=CH, O=Linux strongSwan, OU=Sales, CN=alice at strongswan.org" from
'myCert.pem'
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[CFG]   id '10.58.114.215' not
confirmed by certificate, defaulting to 'C=CH, O=Linux strongSwan, OU=Sales,
CN=alice at strongswan.org'
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[CFG] added configuration
'sample-with-ca-cert'
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[CFG] received stroke: initiate
'sample-with-ca-cert'
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[IKE] initiating IKE_SA
sample-with-ca-cert[1] to 10.58.112.139
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[ENC] generating IKE_SA_INIT
request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
Mar  9 13:25:59 cip-Latitude-D520 charon: 06[NET] sending packet: from
10.58.114.215[500] to 10.58.112.139[500]
Mar  9 13:26:03 cip-Latitude-D520 charon: 14[IKE] retransmit 1 of request
with message ID 0
Mar  9 13:26:03 cip-Latitude-D520 charon: 14[NET] sending packet: from
10.58.114.215[500] to 10.58.112.139[500]
Mar  9 13:26:04 cip-Latitude-D520 charon: 10[CFG] received stroke: add
connection 'sample-with-ca-cert'
Also, please find below my ipsec.conf file:
 ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
        charondebug=all
        # plutodebug=all
        # crlcheckinterval=600
        strictcrlpolicy=yes
        # cachecrls=yes - only for ikev1
        # nat_traversal=yes
        charonstart=yes
        # plutostart=yes - only for ikev1
# Add connections here.
# Sample VPN connections
#conn sample-self-signed
#      left=10.58.112.170
#      leftsubnet=10.1.0.0/16
#      leftcert=selfCert.der
#      leftsendcert=never
#      right=10.58.112.235
#      rightsubnet=10.2.0.0/16
#      rightcert=peerCert.der
#      auto=start
conn sample-with-ca-cert
      left=10.58.114.215
      leftsubnet=10.58.114.0/24
      leftcert=myCert.pem
      right=10.58.112.139
      rightsubnet=10.58.112.0/24
      rightid="C=CH, O=Linux strongSwan CN=peer name"
      keyexchange=ikev2
      auto=start
include /var/lib/strongswan/ipsec.conf.inc

Can someone help me out?

Thanks,
Mira
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110309/3c922c7c/attachment.html>

More information about the Users mailing list