[strongSwan] IKEv2 fails IKE_SA_INIT response
Dennis Frett
frett at us.ibm.com
Fri May 6 23:06:47 CEST 2011
I'm seeing this problem running IKEv2 on strongswan since installing
4.5.1.
If strongswan initiates to a system that does not return the NAT-D notify
payloads on ike_sa_init response, i see the following error on the
strongswan console:
If i run the same strongswan with basically the same configuration to
another system that does return the NAT-D notify payloads i get no errors.
the ipsec.conf is set to 'authby=secret' in both cases.
initiating IKE_SA strongswan-system[1] to 9.5.149.32
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sending packet: from 9.5.149.53[500] to 9.5.149.32[500]
received packet: from 9.5.149.32[500] to 9.5.149.53[500]
payload of type CERTIFICATE_REQUEST not occured 1 times (0)
IKE_SA_INIT response with message ID 0 processing failed
retransmit 1 of request with message ID 0
sending packet: from 9.5.149.53[500] to 9.5.149.32[500]
received packet: from 9.5.149.32[500] to 9.5.149.53[500]
payload of type CERTIFICATE_REQUEST not occured 1 times (0)
IKE_SA_INIT response with message ID 0 processing failed
retransmit 2 of request with message ID 0
sending packet: from 9.5.149.53[500] to 9.5.149.32[500]
received packet: from 9.5.149.32[500] to 9.5.149.53[500]
payload of type CERTIFICATE_REQUEST not occured 1 times (0)
IKE_SA_INIT response with message ID 0 processing failed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20110506/b3d14c6b/attachment.html>
More information about the Users
mailing list