[strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI
Thomas Egerer
hakke_007 at gmx.de
Sun Dec 27 20:19:12 CET 2015
Hello Conrad
On 12/26/2015 01:55 PM, ck+strongswanusers at bl4ckb0x.de wrote:
> Hello!
> I am trying to setup StrongSwan on a new Gentoo server.
> My Lumia 950XL (Windows Phone 10) is the connecting device.
>
> The connection fails, because I am getting "Invalid payload received" on
> the client side.
>
> Debug Log: http://pastebin.com/huTE2PxY
> Config: http://pastebin.com/9q84N6ii
I suspect that one of the negotiated crypto algorithms for ESP is not
available in the kernel. According to your config this should be AES256
along with SHA1. It could however not hurt to turn up logging for cfg
faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
the exact netlink message which in this case would be much better.
Modify the appropriate ipsec.conf line as follows:
charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
and run your test again. Then we can analyze the logs and see if this
gets us any further.
Cheers,
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151227/4d8f7d27/attachment.pgp>
More information about the Users
mailing list