[strongSwan] [KNL] received netlink error: No such file or directory (2) - unable to add SAD entry with SPI
ck at conrad-kostecki.de
Mon Dec 28 00:33:43 CET 2015
Here is my output: http://pastebin.com/46dgkmKc
Am 27.12.2015 um 22:58 schrieb Thomas Egerer:
> Conrad, I only had a quick look at the log. Nothing suspicous so far.
> However, I need the output of your /proc/crypto file to know what
> crypto algorithms are supported by your kernel.
> On 12/27/2015 09:07 PM, Conrad Kostecki wrote:
>> Hi Thomas!
>> Am 27.12.2015 um 20:19 schrieb Thomas Egerer:
>>> Hello Conrad
>>> On 12/26/2015 01:55 PM, ck+strongswanusers at bl4ckb0x.de wrote:
>>>> I am trying to setup StrongSwan on a new Gentoo server.
>>>> My Lumia 950XL (Windows Phone 10) is the connecting device.
>>>> The connection fails, because I am getting "Invalid payload received" on
>>>> the client side.
>>>> Debug Log: http://pastebin.com/huTE2PxY
>>>> Config: http://pastebin.com/9q84N6ii
>>> I suspect that one of the negotiated crypto algorithms for ESP is not
>>> available in the kernel. According to your config this should be AES256
>>> along with SHA1. It could however not hurt to turn up logging for cfg
>>> faciliy to 2 in your ipsec.conf. Loglevel 3 or 4 for knl would give us
>>> the exact netlink message which in this case would be much better.
>>> Modify the appropriate ipsec.conf line as follows:
>>> charondebug="cfg 2, dmn 2, ike 2, net 2, lib 3, knl 4"
>>> and run your test again. Then we can analyze the logs and see if this
>>> gets us any further.
>> Thanks for the suggestion. I've modified it and created a new log file:
>> AES256 and SHA1 are build in in my kernel, if I am not searching for the
>> wrong options..
>> Users mailing list
>> Users at lists.strongswan.org
> Users mailing list
> Users at lists.strongswan.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4950 bytes
Desc: S/MIME Cryptographic Signature
More information about the Users