[strongSwan] StrongSwan->SonicWall issue

Andrew Munn andrew at nmedia.net
Wed Jun 8 00:45:02 CEST 2016

I can successfully connect from Windows to a SonicWall using the Windows 
SonicWall Global VPN Client.   When I try to connect using StrongSwan I 
get errors on the SonicWall:

IKEv2 payload processing error
IKEv2 VPN Policy not found - No VPN Policy for peer gateway

on the linux box I get

[ENC] parsing NOTIFY payload finished
[ENC] verifying payload of type NOTIFY
[ENC] NOTIFY payload verified, adding to payload list
[ENC] process payload of type NOTIFY
[ENC] verifying message structure
[ENC] found payload of type NOTIFY
[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_SYN) ]
[IKE] received INVALID_SYNTAX notify error
[IKE] IKE_SA sr[1] state change: CONNECTING => DESTROYING

ipsec.conf is like:

config setup
        charondebug="ike 2, cfg 2, enc 2"
conn sr
  right=<ip removed>
  rightid=<ip removed>
  #ike=aes256-sha1-modp2048 # tried both of these
  ike=aes128-sha1-modp2048! # ... no luck.

config setup
        # strictcrlpolicy=yes
        # uniqueids = no
        charondebug="ike 2, cfg 2, enc 2"

ipsec.secrets is just : <ip removed> : PSK "secret"

Any ideas what is wrong?  Thanks

More information about the Users mailing list