[strongSwan] Problem in android (xauth+psk) and iphone (Cisco Ipsec) with storonswan
Tobias Brunner
tobias at strongswan.org
Mon Oct 29 10:08:43 CET 2012
Hi Hamid,
> Oct 27 09:25:06 4 charon: 16[ENC] generating INFORMATIONAL_V1 request
> 2434938569 [ N(INVAL_KE) ]
There are several possible reasons why charon would respond with an
INVALID_KEY_INFORMATION notify, but for most the actual reason is
logged. There seems to be one scenario where this is not the case and
that is if no PSK is found during IKEv1 Main Mode.
The line
> moon.strongswan.org %any : PSK "test123456"
in your ipsec.secrets file won't match as charon does not resolve FQDNs
in ipsec.secrets and moon.strongswan.org is not used as identity by your
gateway. Just use
> : PSK "test123456"
instead.
That there is no explicit log message is incorrect and should be fixed
with [1].
Regards,
Tobias
[1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=f30962de
More information about the Users
mailing list