[strongSwan] failed to use android client
watermirror
357836635 at qq.com
Tue May 17 09:41:10 CEST 2016
hi, i am trying to use strongswan client to connect to server. i got an error from client:
.....
[IKE]signature validation failed, looking for another key
...
[CFG]subject certificate invalid(valid from may 16 15:14:10 2016 to May 16 15:14:10 2019)
....
[ENC]generating INFORMATIONAL request 2 [N (AUTH_FAILED)]
....
my ipsec.conf is:
-------------------------------------------------------------------------
config setup
uniqueids=never
# also supports iOS PSK and Shrew on Windows
conn android_xauth_psk
keyexchange=ikev1
left=%defaultroute
leftauth=psk
leftsubnet=0.0.0.0/0
right=%any
rightauth=psk
rightauth2=xauth
rightsourceip=10.0.0.0/24
auto=add
# compatible with "strongSwan VPN Client" for Android 4.0+
# and Windows 7 cert mode.
conn networkmanager-strongswan
keyexchange=ikev2
left=%defaultroute
leftauth=pubkey
leftsubnet=0.0.0.0/0
leftcert=servercert.pem
right=%any
rightauth=pubkey
rightsourceip=10.0.0.0/24
rightcert=clientcert.pem
auto=add
my strongswan.conf is:
---------------------------------------------------------------------------------------------
charon {
duplicheck.enable = no
dns1 = 192.168.0.1
dns2 = 192.168.0.1
# for Windows only
#nbns1 = 208.67.222.222
#nbns2 = 208.67.220.220
filelog {
/var/log/strongswan.charon.log {
time_format = %b %e %T
default = 2
append = no
flush_line = yes
}
}
}
ipsec.secrets is:
----------------------------------------------------------------
: RSA serverkey.pem
please give me some help to solve this problem. thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160517/71a62458/attachment.html>
More information about the Users
mailing list