[strongSwan] "no peer config found" but it's all there. What's wrong here?
Jakob Curdes
jc at info-systems.de
Fri Jul 11 13:49:41 CEST 2014
I have been looking at this for hours, can't see the problem.
StrongSwan 5.0.1 on CentOS, older SARIAN router as peer, PSK setup.
Tries to connect, finds proposal for IKE, and then:
charon: 06[CFG] looking for pre-shared key peer configs matching
a.b.c.d...w.x.y.z[kr05]
charon: 06[CFG] peer config match local: 1 (ID_ANY)
charon: 06[CFG] peer config match remote: 0 (ID_KEY_ID -> 6b:72:30:35)
charon: 06[CFG] ike config match: 1052 (a.b.c.d w.x.y.z IKEv1)
charon: 06[IKE] no peer config found
The config looks like:
authby=secret
keyexchange=ikev1
conn krumm-wea5
left=a.b.c.d
leftsubnet=10.100.101.0/24
right=%any
rightid=kr05
rightsubnet=172.16.29.0/24
So it sees the ID but claims it is different or what?
As soon as I remove the ID from the sending peer, it finds a config,
but we need the IDs to distinguish different peers with dynamic IPs.
How can I find out more about the reason it says "no peer config found"?
Thank you for a hint,
Jakob
More information about the Users
mailing list