[strongSwan] IPSec vpmc PSK configuration issues
Fabian Dreßler
fabian.dressler at me.com
Wed Jun 1 22:39:22 CEST 2016
Hi all,
I hope you can help me with my Strongswan Configuration. The goal is to
have a VPN Server for my Smartphone (Android) and my Computer (Ubuntu)
in America. (I am from Germany)
The problem is that I can't connect to the server. Because of this
syslog (Server) message I think thats a problem with the configuration.
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[NET] received packet:
from X.X.X.X[53089] to 172.31.56.231[500] (1302 bytes)
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] parsed AGGRESSIVE
request 0 [ SA KE No ID V V V V V V V V V ]
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received XAuth
vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received Cisco
Unity vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received NAT-T (RFC
3947) vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-03 vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-02 vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] received unknown
vendor ID: 16:f6:ca:16:e4:a4:06:6d:83:82:1a:0f:0a:ea:a8:62
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received
draft-ietf-ipsec-nat-t-ike-00 vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] received DPD vendor ID
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] X.X.X.X is
initiating a Aggressive Mode IKE_SA
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[CFG] looking for
XAuthInitPSK peer configs matching 172.31.56.231...X.X.X.X[fabian]
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[IKE] no peer config found
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[ENC] generating
INFORMATIONAL_V1 request 2765535231 [ N(AUTH_FAILED) ]
Jun 1 20:33:49 ip-172-31-56-231 charon: 12[NET] sending packet:
from 172.31.56.231[500] to X.X.X.X[53089] (56 bytes)
My configuration files:
//etc/ipsec.secret:
/
172.31.56.231 %any : PSK "PASSWORD"
fabian : XAUTH "PASSWORD"
//etc/ipsec.conf//:/
conn fabian
keyexchange=ikev1
authby=xauthpsk
xauth=server
left=%defaultroute
leftsubnet=0.0.0.0/0
leftfirewall=yes
right=%any
rightsubnet=192.168.201.0/24
rightsourceip=192.168.201.1/24
rightdns=8.8.8.8
auto=add
leftauth=psk
rightauth=psk
rightauth2=xauth
On my computer I use vpnc (network-manager-vpnc-gnome) for the connection.
/syslog from the computer:
/
/Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8417] audit: op="connection-activate"
uuid="821a00af-dd54-41c8-8715-552e9f5bef00" name="Amazon AWS"
pid=2256 uid=1000 result="success"
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8446]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: Started the VPN service, PID 7945
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8568]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: Saw the service appear; activating connection
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.8575]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: init (1)
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: ** Message: vpnc
started with pid 7956
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9468]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: starting (3)
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9468]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN connection: (ConnectInteractive) reply received
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9576] manager: (tun0): new Tun device
(/org/freedesktop/NetworkManager/Devices/14)
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9634] devices added (path:
/sys/devices/virtual/net/tun0, iface: tun0)
Jun 1 22:38:26 Fabian-PC NetworkManager[918]: <info>
[1464813506.9636] device added (path: /sys/devices/virtual/net/tun0,
iface: tun0): no ifupdown configuration found.
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: /usr/sbin/vpnc:
response was invalid [1]: (ISAKMP_N_INVALID_EXCHANGE_TYPE)(7)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.0979] devices removed (path:
/sys/devices/virtual/net/tun0, iface: tun0)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: **
(nm-vpnc-service:7945): WARNING **: vpnc exited with error code 1
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <warn>
[1464813507.1125]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: failed: connect-failed (1)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <warn>
[1464813507.1127]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: failed: connect-failed (1)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1128]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: stopping (5)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1128]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state changed: stopped (6)
Jun 1 22:38:27 Fabian-PC NetworkManager[918]: <info>
[1464813507.1133]
vpn-connection[0xaee3e0,821a00af-dd54-41c8-8715-552e9f5bef00,"Amazon
AWS",0]: VPN plugin: state change reason: unknown (0)/
I hope that you can help me with this issue.
Thank you for a hint,
Fabian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160601/6f9e09f8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160601/6f9e09f8/attachment-0001.sig>
More information about the Users
mailing list