[strongSwan] help with basic strongswan connection
Justin Grover
justin.grover at gmail.com
Wed Feb 27 18:43:27 CET 2013
Hi all,
I'm having some trouble connecting my strongswan client to a strongswan
server on our small testing network. charon and starter are both running
on the strongswan Ubuntu client (192.168.0.75) and the strongswan Ubuntu
server (192.168.0.50).
When I type "*sudo ipsec up mytest" *on the client-side, I get an error
saying “*unable to initiate to %any*.”
Here are the ipsec files from the client & server. Can someone help me
dissect what's going on?
*### Client ###*
# ipsec.conf – strongSwan IPsec configuration file
config setup
strictcrlpolicy=no
plutostart=no
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
authby=secret
keyexchange=ikev2
conn mytest
left=%any
leftsubnet=0.0.0.0/0
leftcert=/home/amdroid/cacert.pem
leftsourceip=%config
mobike=yes
right=%any
auto=start
*### Server ###*
# ipsec.conf – strongSwan IPsec configuration file
config setup
strictcrlpolicy=no
plutostart=no
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
authby=secret
keyexchange=ikev2
conn mytest
left=%any
leftsubnet=0.0.0.0/0
mobike=yes
right=%any
auto=add
authby=pubkey
leftcert=cert.pem
rightid=%any
leftid=%any
rightsourceip=10.0.0.1/24
esp=aes256-sha384-modp4096 !
ike=aes256-sha384-modp4096 !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130227/8b9c6ca7/attachment.html>
More information about the Users
mailing list