[strongSwan] Site to Site with PSK Error

Chris Arnold carnold at electrichendrix.com
Sun Apr 1 17:39:49 CEST 2012 

Hi Andreas,
We have to have ikev2 due to a dhcp on the wan. I know this is going to sound stupid but I don't see where to specify ikev2 on the sonicwall. I would be happy to let you connect via teamviewer to see what I am seeing. 

Sent from my iPhone

On Apr 1, 2012, at 9:39 AM, Andreas Steffen <andreas.steffen at strongswan.org> wrote:

> Hello Chris,
> 
> it seems to be that no IKEv2 connection is defined on the sonicwall
> side, so the connection setup fails. In earlier posts you tried to
> connect via IKEv1 which was partially successful. Try to setup an
> IKEv2 connection on the sonicwall box.
> 
> Regards
> 
> Andreas
> 
> On 04/01/2012 01:47 PM, Chris Arnold wrote:
>> Thanks Andreas! Commenting out the load line now gets me further. Output from:
>> ipsec up teknerds
>> initiating IKE_SA teknerds[1] to sonicwall.publi.ip
>> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
>> sending packet: from 192.168.1.18[500] to sonicwall.publi.ip[500]
>> received packet: from sonicwall.publi.ip[500] to 192.168.1.18[500]
>> parsed IKE_SA_INIT response 0 [ N(INVAL_SYN) ]
>> received INVALID_SYNTAX notify error
>> 
>> Logs from sonicwall side:
>> 04/01/2012 07:36:17.576 Warning VPN IKE IKEv2 Payload processing error strongswan.public.ip, 500 sonicwall.public.ip, 500 Type: SA Payload   
>> 5 04/01/2012 07:36:17.576 Warning VPN IKE IKEv2 VPN Policy not found strongswan.public.ip, 500 sonicwall.public.ip, 500 No VPN policy for peer gateway :strongswan.public.ip
>> 6 04/01/2012 07:36:17.576 Info VPN IKE IKEv2 Responder: Received IKE_SA_INIT request strongswan.public.ip, 500 sonicwall.public.ip, 500 
>> 
> 
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Linux VPN Solution!                www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==

More information about the Users mailing list