[strongSwan] help with basic strongswan connection

Justin Grover justin.grover at gmail.com
Wed Feb 27 18:43:27 CET 2013


 Hi all,

I'm having some trouble connecting my strongswan client to a strongswan
server on our small testing network.  charon and starter are both running
on the strongswan Ubuntu client (192.168.0.75) and the strongswan Ubuntu
server (192.168.0.50).



When I type "*sudo ipsec up mytest" *on the client-side, I get an error
saying “*unable to initiate to %any*.”



Here are the ipsec files from the client & server.  Can someone help me
dissect what's going on?



*### Client ###*

# ipsec.conf – strongSwan IPsec configuration file

config setup

                strictcrlpolicy=no

                plutostart=no



conn %default

                ikelifetime=60m

                keylife=20m

                rekeymargin=3m

                keyingtries=1

                authby=secret

                keyexchange=ikev2



conn mytest

                left=%any

                leftsubnet=0.0.0.0/0

                leftcert=/home/amdroid/cacert.pem

                leftsourceip=%config

                mobike=yes

                right=%any

                auto=start





*### Server ###*

# ipsec.conf – strongSwan IPsec configuration file

config setup

                strictcrlpolicy=no

                plutostart=no



conn %default

                ikelifetime=60m

                keylife=20m

                rekeymargin=3m

                keyingtries=1

                authby=secret

                keyexchange=ikev2



conn mytest

                left=%any

                leftsubnet=0.0.0.0/0

                mobike=yes

                right=%any

                auto=add

                authby=pubkey

                leftcert=cert.pem

                rightid=%any

                leftid=%any

                rightsourceip=10.0.0.1/24

                esp=aes256-sha384-modp4096 !

                ike=aes256-sha384-modp4096 !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130227/8b9c6ca7/attachment.html>


More information about the Users mailing list