[strongSwan] no virtual IP found for %any6
Tobias Brunner
tobias at strongswan.org
Fri Oct 3 09:19:08 CEST 2014
Hi Jay,
> The IPV4 tunnel appears to be
> assigned whereas there is no IPV6 tunnel configured so none is assigned.
> The result is that the Android client deletes the connection since both
> requests aren't satisfied.
No that's not the issue. It's perfectly fine to setup a tunnel for one
address family only.
> 04[KNL] received netlink error: No such file or directory (2)
> 04[KNL] unable to add SAD entry with SPI c8489b44
> 04[KNL] received netlink error: No such file or directory (2)
> 04[KNL] unable to add SAD entry with SPI 6c540958
> 04[IKE] unable to install inbound and outbound IPsec SA (SAD) in kernel
> 04[IKE] failed to establish CHILD_SA, keeping IKE_SA
This is the actual problem that causes the server to return a
NO_PROPOSAL_CHOSEN notify back to the client, which it then treats as a
failure:
> 05[IKE] received NO_PROPOSAL_CHOSEN notify, no CHILD_SA built
> 05[IKE] closing IKE_SA due CHILD_SA setup failure
Regarding the error returned by your kernel:
> received netlink error: No such file or directory (2)
I'm not sure what may cause it at that point. Most likely you are
missing some of the required kernel modules [1].
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/KernelModules
More information about the Users
mailing list