[strongSwan] recurring problem of PSK, but cannot spot the error
ilyas Guennoun
elsa.watson-fzy8fw2 at yopmail.com
Wed Nov 20 20:21:41 CET 2013
So I set debug level to 4 for ike, kernel, config and network
I removed the ids to keep the minimum configuration (for better understanding) so I used IP adresses only.
conn cisco_home
left=192.168.168.152
leftsubnet=169.254.229.0/24
leftauth=psk
right=192.168.168.161
rightsubnet=192.168.15.0/24
rightauth=psk
type=tunnel
ike=aes128-sha1-modp1024
esp=aes128-sha1
auto=add
and ipsecure.secrets
192.168.168.152 192.168.168.161 : PSK password
include /var/lib/strongswan/ipsec.secrets.inc
BUT, i have the error when removing the quotes
$ ipsec secrets
002 loading secrets from "/etc/ipsec.secrets"
002 loaded PSK secret for 192.168.168.152 192.168.168.161
003 "/etc/ipsec.secrets" line 10: PSK data malformed (input does not begin with format prefix): password
002 loading secrets from "/var/lib/strongswan/ipsec.secrets.inc"
the version I am using
$ ipsec version
Linux strongSwan U4.5.2/K3.2.0-29-generic-pae
latest in ubuntu repo
From: Izz Abdullah
<izz.abdullah at wepanow.com>
Sent: Wednesday, November 20, 2013 10:52
To:
users at lists.strongswan.org
<users at lists.strongswan.org>
Subject: Re: [strongSwan] recurring problem of PSK, but cannot spot the error
I ran into this same problem when I first setup strongSwan. The ipsec.secrets file is in the format like so:
RemoteID : PSK PSK_VALUE
192.168.168.161 : PSK password
No need for quotes, and since your ID of the remote peer is the same as the IP, then the above should work.
Izz Abdullah
Senior Systems Engineer
Izz.Abdullah at wepanow.com
205.605.6039 Office
800.675.7639 Toll Free
www.wepanow.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20131120/10056c3b/attachment.html>
More information about the Users
mailing list