[strongSwan] Problem in android (xauth+psk) and iphone (Cisco Ipsec) with storonswan
Hamid Zamani
if.else.fi at gmail.com
Sat Oct 27 15:13:47 CEST 2012
Hello ,
I've configured a debian server with following config :
IPsec.conf :
conn ioss
keyexchange=ikev1
authby=xauthpsk
xauth=server
left=%defaultroute
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightsubnet=0.0.0.0/0
rightsourceip=10.10.9.0/24
auto=add
modeconfig=push
ipsec.secrets :
test1 : XAUTH "test123"
moon.strongswan.org %any : PSK "test123456"
Error :
[...]
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-08
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-07
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-06
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-05
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-04
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-03
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-02
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received draft-ietf-ipsec-nat-t-ike-02\n
vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received XAuth vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] received Cisco Unity vendor ID
Oct 27 09:25:06 4 charon: 15[ENC] received unknown vendor ID:
40:48:b7:d5:6e:bc:e8:85:25:e7:de:7f:00:d6:c2:d3:80:00:00:00
Oct 27 09:25:06 4 charon: 15[IKE] received DPD vendor ID
Oct 27 09:25:06 4 charon: 15[IKE] y.y.y.y is initiating a Main Mode IKE_SA
Oct 27 09:25:06 4 charon: 15[ENC] generating ID_PROT response 0 [ SA V V V ]
Oct 27 09:25:06 4 charon: 15[NET] sending packet: from x.x.x.x[500] to
y.y.y.y[500]
Oct 27 09:25:06 4 charon: 16[NET] received packet: from y.y.y.y[500] to
x.x.x.x[500]
Oct 27 09:25:06 4 charon: 16[ENC] parsed ID_PROT request 0 [ KE No NAT-D
NAT-D ]
Oct 27 09:25:06 4 charon: 16[IKE] remote host is behind NAT
Oct 27 09:25:06 4 charon: 16[ENC] generating INFORMATIONAL_V1 request
2434938569 [ N(INVAL_KE) ]
Oct 27 09:25:06 4 charon: 16[NET] sending packet: from x.x.x.x[500] to
y.y.y.y[500]
So it doesn't connect to server .
Also with certifcate just android (Xauth + rsa) works and IPhone (Cisco
Ipsec ) doesn't work
Where is the problem ?
Thank you so much
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121027/89fecca2/attachment.html>
More information about the Users
mailing list