[strongSwan] Antw: Re: Best practice for win7 <-> strongswan 5.1

Martin Willi martin at strongswan.org
Thu Oct 24 12:04:26 CEST 2013

> Error 13801 ike authentication credentials are unacceptable...

> 07[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
> 07[NET] sending packet: from 456.456.456.456[4500] to

Most likely the Windows client does not accept the server certificate.
Make sure that you have:

      * a subjectAltname in the certificate matching the server name you
        entered in the client connection
      * you have the serverAuth certificate extension, and
      * installed the certificate properly, as outlined in [1]

You can install the CA certificate as seen in [1], or alternatively
install the server certificate directly to "Trusted People". Just make
sure to pick the "Local Computer" store.



More information about the Users mailing list