[strongSwan] vpn clients (cisco/shrewsoft and other cisco unity clients) connectivity issues with Strongswan-v5.2.1
Martin Willi
martin at strongswan.org
Thu Dec 4 10:31:19 CET 2014
Hi,
> leftsubnet=192.168.2.0/24,172.16.0.0/16
Are you using the unity plugin to negotiate multiple subnets in IKEv1?
> modeconfig=push
Which of your clients is using push mode? Most of them probably use pull
mode, and you must have the correct mode configured on the used
strongSwan connection for each client.
> 1. Quick mode is failing when i use shrew-soft-vpn clients (and the server
> is configured with cisco unity extensions in the attr.conf file)
It seems that it fails because of the wrong modeconfig configuration:
Mode Config is triggered twice in your log, once in push and once in
pull mode. Try to set modeconfig=pull, refer to [1] for details.
Regards
Martin
[1]https://wiki.strongswan.org/issues/764#note-12
More information about the Users
mailing list