[strongSwan] Mac OS 10.10 Client to Linux Strongswan server HASH N(AUTH_FAILED) error

Tobias Brunner tobias at strongswan.org
Mon Apr 18 17:23:23 CEST 2016

Hi Jude,

> Any insights into what I am missing in my setup, my hope is that this is
> just some simple newbie mistake I am doing.

Try reading the log:

> Apr 18 09:45:42 RH7Standard charon: 12[CFG] looking for XAuthInitRSA peer configs matching[C=US, O=BSI, CN=judeo at blansys.com]

The client wants to initiate an XAuth/RSA connection (with its
certificate's subject DN as identity).  However, your config specifies:

>    leftauth=psk
>    rightauth=psk
>    rightauth2=xauth

That is, you configured XAuth/PSK.  You also set:

>    rightid=

Which wouldn't match that subject DN even if the authentication methods
were the same.

You might want to have a look at [1].


[1] https://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29

More information about the Users mailing list