[strongSwan] Connecting Native Android VPN app > Strongswan IKEv2

Hay, Ben (EG Consulting) ben.hay at hpe.com
Thu Oct 1 17:30:02 CEST 2015 

Hi Everyone

Many thanks in advance.

I am attempting to connect a Samsung Galaxy Note 4 running Android Lollipop 5.1.1 to a StrongSwan VPN server.

We are using:

*         IKEv2

*         RSA Certs

**First question is, can the Android Native app on the Samsung Galaxy Note 4 actually connect to StrongSwan or does it require the proprietary app.**???

I am able to successfully connect using the same device using the proprietary StrongSwan app whilst using IKEv2 and also have successfully setup a IKEv1 connection using PSK XAUTH on the native client.

Below is the syslog file showing the connection progress made:

-          Connection initiates

-          Attempts to contact CRL (not implemented here, so fails)

-          Checks cert and appears happy with it

-          Assigns it a virtual IP address

-          Then FAILS.

o   We are unsure as to why it fails at the end.
[cid:image001.png at 01D0FC66.63DA0280]

Below is the ipsec.conf output

[cid:image002.png at 01D0FC66.63DA0280]


Error on the device is connection "unsuccessful".

If anyone has any help or ideas, it would be much appreciated.

Thanks in advance.

Regards

Ben Hay
Technology Consultant

Enterprise Group
Networking and Enterprise Mobility

ben.hay at hpe.com<mailto:ben.hay at hpe.com>
T +447833048826
Hewlett-Packard Ltd
Amen Corner
Cain Road
Bracknell, Berkshire, RG12 1HN
England

Planned Holiday

19th October - 9th November 2015


Hewlett-Packard Limited   |   Registered Office: Cain Road, Bracknell, Berkshire, RG12 1HN   |    Registered No: 690597 England   |    VAT Number: GB 314 1496 79
This e-mail may contain confidential and/or legally privileged material for the sole use of the intended recipient.  If you are not the intended recipient (or authorized to receive for the recipient) please contact the sender by reply e-mail and delete all copies of this message.  If you are receiving this message internally within the Hewlett Packard group of companies, you should consider the contents "CONFIDENTIAL".

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151001/77aba86c/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 262571 bytes
Desc: image001.png
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151001/77aba86c/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 70687 bytes
Desc: image002.png
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151001/77aba86c/attachment-0003.png>

More information about the Users mailing list