[strongSwan] no shared key found

Bruno Furtado brunofurtado at brunofurtado.net
Mon Feb 25 15:28:52 CET 2013


Hello folks,

I'm trying to make a connection with my mobile device and I get the error :
" no shared key found "

somebody can help me?


# ipsec.conf

config setup
        plutostart=yes

conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev2
        authby=secret

conn mobile
        left=10.1.2.10
        leftsubnet=10.1.2.0/24
        right=%any
        rightsubnet=10.1.3.0/24
        auto=add


LOG:

Feb 25 10:14:48 vpngit charon: 01[CFG]   reached self-signed root ca with a
path length of 0
Feb 25 10:14:48 vpngit charon: 01[CFG]   using trusted certificate "CN=AC
da ACME, OU=ACME, O=XPTO, C=BR"
Feb 25 10:14:48 vpngit charon: 01[CFG]   ocsp response correctly signed by
"CN=AC da ACME, OU=ACME, O=XPTO, C=BR"
Feb 25 10:14:48 vpngit charon: 01[CFG]   ocsp response contains no status
on our certificate
Feb 25 10:14:48 vpngit charon: 01[CFG]   fetching crl from '
http://crl.xpto/AC_XPTO.crl' ...
Feb 25 10:14:48 vpngit charon: 01[CFG] crl response verification failed
Feb 25 10:14:48 vpngit charon: 01[CFG] certificate status is not available
Feb 25 10:14:48 vpngit charon: 01[CFG]   reached self-signed root ca with a
path length of 1
Feb 25 10:14:48 vpngit charon: 01[IKE] authentication of 'UID=bfurtado,
CN=Bruno Furtado, OU=ACME, O=XPTO, C=BR' with RSA signature successful
Feb 25 10:14:48 vpngit charon: 01[IKE] peer supports MOBIKE
Feb 25 10:14:48 vpngit charon: 01[IKE] authentication of '10.1.2.3'
(myself) with pre-shared key
Feb 25 10:14:48 vpngit charon: 01[IKE] no shared key found for '10.1.2.3' -
'UID=bfurtado, CN=Bruno Ferreira Furtado, OU=ACME, O=XPTO, C=BR'
Feb 25 10:14:48 vpngit charon: 01[ENC] generating IKE_AUTH response 1 [
N(AUTH_FAILED) ]


regards,
-- 
Bruno Furtado

LinkedIn: http://linkd.in/brunofurtado
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130225/d9d5bcb2/attachment.html>


More information about the Users mailing list