[strongSwan] Strongswan -- win7 ikev2 problem

Saad Shafiq saad.shafiq at and-or.com
Mon Apr 28 09:41:09 CEST 2014


Hi, I'm trying to connect win7 ikev2 with strongswan.
Win7 hangs on verifying username and password and strongswan ipsec tunnel
stays in connecting mode but never goes up.
I've tried mobikey on win-7 enabled and disabled with same results. Both
server and client firewalls are disabled.

I am testing this on Linux strongSwan U5.1.3/K2.6.31.5-127.fc12.i686.PAE,
win-7 is Ultimate-64b (6.1, build 7600)

Here are my swan config files <http://pastebin.com/T6cwxGV5> and
charon log<http://pastebin.com/2fjsRGCa>
...

ipsec statusall
---------------------
Status of IKE charon daemon (weakSwan 5.1.3, Linux
2.6.31.5-127.fc12.i686.PAE, i686):
  uptime: 19 seconds, since Apr 28 12:22:01 2014
  malloc: sbrk 245760, mmap 0, used 129896, free 115864
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0,
scheduled: 1
  loaded plugins: charon curl aes des sha1 sha2 md4 md5 pem pkcs1 pkcs8 gmp
random nonce x509 revocation hmac xcbc stroke kernel-netlink socket-default
attr unity xauth-generic eap-identity eap-mschapv2
Virtual IP pools (size/online/offline):
  172.16.1.11: 1/0/0
Listening IP addresses:
  134.202.84.62
  172.16.1.10
Connections:
     rw_win7:  134.202.84.62...%any  IKEv2, dpddelay=300s
     rw_win7:   local:  [134.202.84.62] uses pre-shared key authentication
     rw_win7:   remote: uses EAP_MSCHAPV2 authentication with EAP identity
'%any'
     rw_win7:   child:  172.16.1.0/24[udp/l2tp] === dynamic[udp] TUNNEL,
dpdaction=clear
Security Associations (0 up, 1 connecting):
     rw_win7[1]: CONNECTING,
134.202.84.62[134.202.84.62]...134.202.84.63[134.202.84.63]
     rw_win7[1]: IKEv2 SPIs: 35a502746b35cd39_i 8253db86942f3f5f_r*
     rw_win7[1]: IKE proposal:
AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
     rw_win7[1]: Tasks passive: IKE_CERT_PRE IKE_AUTH IKE_CERT_POST
IKE_CONFIG CHILD_CREATE IKE_AUTH_LIFETIME IKE_MOBIKE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140428/174b93b1/attachment.html>


More information about the Users mailing list