[strongSwan] unity_split_include prevents VPN from connecting.

Michael Gorbach michael at mgorbach.name
Thu Mar 8 05:13:28 CET 2012


(Don't know if this email will get threaded correctly. I can't reply to the original email, since I just joined the list when i saw this thread) …

I'm seeing the same problem, also with the iOS Cisco Client. Interestingly, its happening even though the pool isn't actually set (yet) for that strongSwann connection. The presence of a pool is fine, but the presence of a pool with this UNITY_SPLIT_INCLUDE attribute set appears to cause the connection to fail with the following:

"ansible-threshold-pki"[2] <client IP>:3047 #1: cannot respond to IPsec SA request because no connection is known for 172.16.1.0/24===172.16.1.102:4500[C=US, O=AnsibleThreshold strongSwan, CN=<server ip>]...174.252.36.126:3047[C=US, O=AnsibleThreshold strongSwan, CN=<My iPhone>]===10.0.8.1/32

Some help would be very much appreciated,
~ Michael Gorbach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4371 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20120307/0c05f6c9/attachment.bin>


More information about the Users mailing list