[strongSwan] Odd Windows 10 (w/Strongswan on the server side) problem

Karl Denninger karl at denninger.net
Sat Dec 17 21:55:37 CET 2016


The server is not involved here but perhaps someone else with Windows 10
operating against StrongSwan has seen it...

Recently my laptop started throwing an error "The parameter is
incorrect" when I try to start the VPN connection.  Deleting the
connection and re-setting it doesn't clear the problem.  If I trace on
the server side I get the SA packet out and it blows up there.

I see this much out of the server:

Dec 17 14:40:13 NewFS charon: 05[NET] received packet: from
192.168.1.19[500] to
 70.169.168.7[500] (880 bytes)
Dec 17 14:40:13 NewFS charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA
KE No N(
NATD_S_IP) N(NATD_D_IP) V V V V ]
Dec 17 14:40:13 NewFS charon: 05[IKE] received MS NT5 ISAKMPOAKLEY v9
vendor ID
Dec 17 14:40:13 NewFS charon: 05[IKE] received MS-Negotiation Discovery
Capable
vendor ID
Dec 17 14:40:13 NewFS charon: 05[IKE] received Vid-Initial-Contact vendor ID
Dec 17 14:40:13 NewFS charon: 05[ENC] received unknown vendor ID:
01:52:8b:bb:c0
:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
Dec 17 14:40:13 NewFS charon: 05[IKE] 192.168.1.19 is initiating an IKE_SA
Dec 17 14:40:13 NewFS charon: 05[IKE] sending cert request for "C=US,
ST=Florida
, L=Niceville, O=Cuda Systems LLC, CN=Cuda Systems LLC CA, E=Cuda
Systems LLC CA
"
Dec 17 14:40:13 NewFS charon: 05[ENC] generating IKE_SA_INIT response 0
[ SA KE
No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
Dec 17 14:40:13 NewFS charon: 05[NET] sending packet: from
70.169.168.7[500] to
192.168.1.19[500] (333 bytes)

And that's it; the client throws the error and is starting to say
*something* about validating some thing or another (perhaps my local
end?) but it never goes further.

Setting up a connection from a DIFFERENT Win10 machine works fine, so
it's computer-specific. It never gets to the point of checking
certificates, so whatever it is that's making it angry is happening on
the client side before it gets there.

If anyone has run into this and has any ideas on where to look it would
be appreciated.  I turned on RAS tracing and it tells me nothing; there
is no error in the logs that generates, and I can't find an exception in
the system event log either.

My other clients are working fine; Android and Windows....

-- 
Karl Denninger
karl at denninger.net <mailto:karl at denninger.net>
/The Market Ticker/
/[S/MIME encrypted email preferred]/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161217/9d5ba88c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2996 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161217/9d5ba88c/attachment.bin>


More information about the Users mailing list