[strongSwan] Antw: Re: Best practice for win7 <-> strongswan 5.1
Martin Willi
martin at strongswan.org
Thu Oct 24 12:04:26 CEST 2013
> Error 13801 ike authentication credentials are unacceptable...
> 07[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
> 07[NET] sending packet: from 456.456.456.456[4500] to
Most likely the Windows client does not accept the server certificate.
Make sure that you have:
* a subjectAltname in the certificate matching the server name you
entered in the client connection
* you have the serverAuth certificate extension, and
* installed the certificate properly, as outlined in [1]
You can install the CA certificate as seen in [1], or alternatively
install the server certificate directly to "Trusted People". Just make
sure to pick the "Local Computer" store.
Regards
Martin
[1]http://wiki.strongswan.org/projects/strongswan/wiki/Win7EapCert
More information about the Users
mailing list