[strongSwan] [strongswan ] Regarding Installation issue in strongswan

SaRaVanAn saravanan.nagarajan87 at gmail.com
Mon Nov 19 07:42:55 CET 2012


Hi,
   I m facing problem in negotiating VPN tunnel with Strongswan.It fails,
even configured and received proposals are same.

 I hope , its an installation problem, because it was working fine when I
installed at first time. Now I just reinstalled strongswan and getting
below errors .

Could you please help me to narrow down the problem?

Error logs
___________
Nov 16 21:25:45 localhost charon: 13[IKE] secret => 10 bytes @ 0x90d2fa0
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 73 61 63 68 69 6E 74 65 6E
31                    sachinten1
Nov 16 21:25:45 localhost charon: 13[IKE] prf(secret, keypad) => 20 bytes @
0xaf7006a0
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 6A A5 74 DD 13 F6 67 7B 79
C0 9C A6 3C 05 D5 29  j.t...g{y...<..)
Nov 16 21:25:45 localhost charon: 13[IKE]   16: 32 65 D6
8B                                      2e..
Nov 16 21:25:45 localhost charon: 13[IKE] AUTH = prf(prf(secret, keypad),
octets) => 20 bytes @ 0xaf7006b8
Nov 16 21:25:45 localhost charon: 13[IKE]    0: EA ED 0F DC 84 EA 34 06 E3
B2 C1 6A C0 D1 AB 2D  ......4....j...-
Nov 16 21:25:45 localhost charon: 13[IKE]   16: 9E A7 72
00                                      ..r.
Nov 16 21:25:45 localhost charon: 13[IKE] authentication of 'peer at cass.com'
with pre-shared key successful
Nov 16 21:25:45 localhost charon: 13[IKE] authentication of 'dut at cass.com'
(myself) with pre-shared key
Nov 16 21:25:45 localhost charon: 13[IKE] IDx' => 16 bytes @ 0xb1879f20
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 03 00 00 00 64 75 74 40 63
61 73 73 2E 63 6F 6D  ....dut at cass.com
Nov 16 21:25:45 localhost charon: 13[IKE] SK_p => 20 bytes @ 0xaed02688
Nov 16 21:25:45 localhost charon: 13[IKE]    0: F5 AA AC F2 9A 74 E0 F5 1E
8D E4 96 FC A5 95 8B  .....t..........
Nov 16 21:25:45 localhost charon: 13[IKE]   16: 8D 33 09
C8                                      .3..
Nov 16 21:25:45 localhost charon: 13[IKE] octets = message + nonce +
prf(Sk_px, IDx') => 573 bytes @ 0xaf701a60
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 2A FF 9B 49 79 98 53 74 4A
47 F8 C5 D9 C9 3A 5E  *..Iy.StJG....:^
Nov 16 21:25:45 localhost charon: 13[IKE]   16: 21 20 22 20 00 00 00 00 00
00 02 09 22 00 00 30  ! " ........"..0
Nov 16 21:25:45 localhost charon: 13[IKE]   32: 00 00 00 2C 01 01 00 04 03
00 00 0C 01 00 00 0C  ...,............
Nov 16 21:25:45 localhost charon: 13[IKE]   48: 80 0E 01 00 03 00 00 08 03
00 00 02 03 00 00 08  ................
Nov 16 21:25:45 localhost charon: 13[IKE]   64: 02 00 00 02 00 00 00 08 04
00 00 05 28 00 00 C8  ............(...
Nov 16 21:25:45 localhost charon: 13[IKE]   80: 00 05 00 00 77 00 0D F9 AC
D1 8D 8C 87 21 A6 E5  ....w........!..
Nov 16 21:25:45 localhost charon: 13[IKE]   96: B3 A2 93 12 16 4B 89 0A 80
78 A7 72 D4 D3 AE 89  .....K...x.r....
Nov 16 21:25:45 localhost charon: 13[IKE]  112: 07 3B 57 BA BD 04 90 5C 31
0F BE CE F4 46 FC 40  .;W....\1....F.@
Nov 16 21:25:45 localhost charon: 13[IKE]  128: 49 D9 CA 33 8A 7F 8F 6D CC
83 E4 15 1D 64 D7 F3  I..3...m.....d..
Nov 16 21:25:45 localhost charon: 13[IKE]  144: BE B3 DA 13 7B 6C AA C1 72
41 0C 65 E2 06 82 15  ....{l..rA.e....
Nov 16 21:25:45 localhost charon: 13[IKE]  160: 5E F2 F9 17 1A D4 C7 9F A7
3F 19 6A 47 78 9E 52  ^........?.jGx.R
Nov 16 21:25:45 localhost charon: 13[IKE]  176: 17 C1 57 2F B6 D3 3C 47 33
B6 B7 E1 3B F5 2D 8D  ..W/..<G3...;.-.
Nov 16 21:25:45 localhost charon: 13[IKE]  192: 24 51 53 1C 0A 24 1C 7A B7
7D 2E 40 91 94 0C 1D  $QS..$.z.}. at ....
Nov 16 21:25:45 localhost charon: 13[IKE]  208: C7 9A D3 E5 51 F9 C0 26 65
8E B9 22 46 BD 0E 9F  ....Q..&e.."F...
Nov 16 21:25:45 localhost charon: 13[IKE]  224: 76 EE B6 34 7A 09 5C B3 3E
F8 CB D6 E2 AE 8D 44  v..4z.\.>......D
Nov 16 21:25:45 localhost charon: 13[IKE]  240: 0A 0F F0 7B BA 1E 28 7B 62
C2 DD 64 2F 75 BC 9B  ...{..({b..d/u..
Nov 16 21:25:45 localhost charon: 13[IKE]  256: F2 D1 70 BE 56 B0 F4 D9 E7
79 9E 2C 4A 6B A1 90  ..p.V....y.,Jk..
Nov 16 21:25:45 localhost charon: 13[IKE]  272: 44 81 FB 78 29 00 00 24 99
A7 F5 D1 F6 4E 24 2B  D..x)..$.....N$+
Nov 16 21:25:45 localhost charon: 13[IKE]  288: 11 6D DB 21 EC E5 51 A2 6C
A1 92 83 F7 21 A2 91  .m.!..Q.l....!..
Nov 16 21:25:45 localhost charon: 13[IKE]  304: 5E 47 7F C8 EB 51 D0 DE 29
00 00 1C 00 00 40 04  ^G...Q..)..... at .
Nov 16 21:25:45 localhost charon: 13[IKE]  320: 42 C3 FD 5D 62 92 B6 A3 42
D1 F3 A0 F2 A3 BD EB  B..]b...B.......
Nov 16 21:25:45 localhost charon: 13[IKE]  336: 6F E1 E1 B2 26 00 00 1C 00
00 40 05 73 70 A5 86  o...&..... at .sp..
Nov 16 21:25:45 localhost charon: 13[IKE]  352: 01 9F EB D6 A2 29 FB 1C 12
0E 30 D0 62 4B E8 56  .....)....0.bK.V
Nov 16 21:25:45 localhost charon: 13[IKE]  368: 29 00 00 91 04 9C 1C 5B DF
4F E3 32 69 28 D4 2C  )......[.O.2i(.,
Nov 16 21:25:45 localhost charon: 13[IKE]  384: C6 62 C4 F3 E8 E7 4E 28 D2
B0 D5 5D 79 52 0F FA  .b....N(...]yR..
Nov 16 21:25:45 localhost charon: 13[IKE]  400: 38 57 9D F3 BD 9E 66 6C 6C
B4 40 8E 8E 78 89 16  8W....fll. at ..x..
Nov 16 21:25:45 localhost charon: 13[IKE]  416: 93 F8 D9 01 9D 35 05 F0 A6
37 6C AE B5 41 82 16  .....5...7l..A..
Nov 16 21:25:45 localhost charon: 13[IKE]  432: F0 49 9A 5C 12 44 BC 09 59
38 D2 31 F3 77 67 E5  .I.\.D..Y8.1.wg.
Nov 16 21:25:45 localhost charon: 13[IKE]  448: 6F DE 53 3C CF A1 D2 6B A2
08 C0 01 1F 8F B6 13  o.S<...k........
Nov 16 21:25:45 localhost charon: 13[IKE]  464: 8B C1 D7 DB 96 CF 3E 09 AE
D8 E3 86 2A 32 6B 97  ......>.....*2k.
Nov 16 21:25:45 localhost charon: 13[IKE]  480: 20 83 0C 88 8C C2 E3 23 84
CC 27 43 AA 60 AD 50   ......#..'C.`.P
Nov 16 21:25:45 localhost charon: 13[IKE]  496: 78 94 6C F3 5D 27 43 8E E0
E5 B4 23 86 5C 54 47  x.l.]'C....#.\TG
Nov 16 21:25:45 localhost charon: 13[IKE]  512: 4F 00 00 00 08 00 00 40 14
5F 30 D8 13 3C 10 93  O...... at ._0..<..
Nov 16 21:25:45 localhost charon: 13[IKE]  528: B8 3B A4 38 7E 1B 06 AD C6
35 3C 7E 7C 48 E0 D1  .;.8~....5<~|H..
Nov 16 21:25:45 localhost charon: 13[IKE]  544: D2 56 BC BE C9 34 F3 BB A1
6D 6C 6B 19 E8 1D AB  .V...4...mlk....
Nov 16 21:25:45 localhost charon: 13[IKE]  560: 78 D3 32 63 9D 6D 32 49 1B
B5 23 5E 12           x.2c.m2I..#^.
Nov 16 21:25:45 localhost charon: 13[IKE] secret => 10 bytes @ 0x90d2fa0
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 73 61 63 68 69 6E 74 65 6E
31                    sachinten1
Nov 16 21:25:45 localhost charon: 13[IKE] prf(secret, keypad) => 20 bytes @
0xaf7005b8
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 6A A5 74 DD 13 F6 67 7B 79
C0 9C A6 3C 05 D5 29  j.t...g{y...<..)
Nov 16 21:25:45 localhost charon: 13[IKE]   16: 32 65 D6
8B                                      2e..
Nov 16 21:25:45 localhost charon: 13[IKE] AUTH = prf(prf(secret, keypad),
octets) => 20 bytes @ 0xaf7010f8
Nov 16 21:25:45 localhost charon: 13[IKE]    0: 42 D1 EB C4 54 2E FE B9 51
D9 E9 52 1B 23 12 04  B...T...Q..R.#..
Nov 16 21:25:45 localhost charon: 13[IKE]   16: D2 B6 20
08                                      .. .
Nov 16 21:25:45 localhost charon: 13[IKE] successfully created shared key
MAC
Nov 16 21:25:45 localhost charon: 13[IKE] IKE_SA fqdn_vr[1] established
between 35.0.0.2[dut at cass.com]...35.0.0.1[peer at cass.com]
Nov 16 21:25:45 localhost charon: 13[IKE] IKE_SA fqdn_vr[1] state change:
CONNECTING => ESTABLISHED
Nov 16 21:25:45 localhost charon: 13[CFG] received proposals:
ESP:AES_CBC_256/HMAC_SHA1_96/MODP_1536/NO_EXT_SEQ
Nov 16 21:25:45 localhost charon: 13[CFG] configured proposals:
ESP:AES_CBC_128/AES_CBC_256/HMAC_SHA1_96/MODP_1536/MODP_2048/NO_EXT_SEQ,
ESP:3DES_CBC/HMAC_SHA1_96/HMAC_MD5_96/MODP_1536/NO_EXT_SEQ,
ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/3DES_CBC
/BLOWFISH_CBC_256/HMAC_SHA1_96/AES_XCBC_96/HMAC_MD5_96/NO_EXT_SEQ
Nov 16 21:25:45 localhost charon: 13[IKE] no acceptable proposal found
Nov 16 21:25:45 localhost charon: 13[IKE] failed to establish CHILD_SA,
keeping IKE_SA
Nov 16 21:25:45 localhost charon: 13[ENC] generating IKE_AUTH response 1 [
IDr AUTH N(NO_PROP) ]
Nov 16 21:25:45 localhost charon: 13[NET] sending packet: from
35.0.0.2[500] to 35.0.0.1[500]
Nov 16 21:25:45 localhost charon: 13[MGR] checkin IKE_SA fqdn_vr[1]
Nov 16 21:25:45 localhost charon: 05[NET] sending packet: from
35.0.0.2[500] to 35.0.0.1[500]
Nov 16 21:25:45 localhost charon: 13[MGR] check-in of IKE_SA successful.

Regards,
Saravanan N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121119/f0d578be/attachment.html>


More information about the Users mailing list