[strongSwan] Using StrongSwan for IPSec VPN on CentOS 7 - no matching peer config found.
jvpn at use.startmail.com
Mon Jan 4 01:10:38 CET 2016
I am trying to move a working strongswan eap-tls configuration from
pfsense to CentOS 7.
removed all entries except for config, conn %default and conn
IpsecIKEv2, adjusting conn IpsecIKEv2 to the following
pfsense working ipsec.conf looks like
# This file is automatically generated. Do not edit
uniqueids = yes
fragmentation = yes
keyexchange = ikev2
reauth = yes
forceencaps = no
mobike = no
rekey = yes
installpolicy = yes
type = tunnel
dpdaction = clear
dpddelay = 10s
dpdtimeout = 60s
auto = add
left = nnn.nnn.nnn.nnn
right = %any
leftid = fqdn:pfsense.org.name
ikelifetime = 28800s
lifetime = 3600s
rightsourceip = 192.168.142.0/24
ike = 3des-sha1-modp1024!
rightca="/C=US/ST=FL/L=City/O=Org_Inc/emailAddress=ca at Org.name/CN=Org-internal-ca/"
leftsubnet = 0.0.0.0/0
pfsense configuration was created by consulting
pfsense configuration works with both modes.
but on CentOS, (even when I copy ipsec.conf from pfsense, adjusting IP
and certificate, as a whole)
Jan 3 18:15:14 hostname charon: 07[CFG] looking for peer configs
Jan 3 18:15:14 hostname charon: 07[CFG] no matching peer config found
where server_name is CN from server certificate and client_name - from
Is there a working configuration for connecting iOS 9.x to CentOS
strongswan already described somewhere?
More information about the Users