[strongSwan] Security Associations (0 up, 1 connecting)

Rod Simioni rod.simioni at biotrackthc.com
Mon Nov 28 17:06:11 CET 2016


I just compiled Linux strongSwan U5.5.1/K4.4.0-45-generic on my ubuntu
14.04 and I'm trying to connect to my VPN which I am the FW admin.

I'm getting this when I do a 'ipsec status' "Security Associations (0 up, 1
and I'm not able to access my VPN.

Below is the contents of ipsec.conf:

config setup

conn hq
        # rightauth=psk
        # rightauth2=xauth
        # ikev2=no

Below are the contents of my ipsec.secrets

@user_1 : XAUTH  "password"
%any  99.xx.xx.xx    : PSK "ThePSKpassword"

Below are meaningful contents of syslog:

Nov 28 10:54:26 ubuntu charon: 06[IKE] retransmit 5 of request with message
ID 0
Nov 28 10:54:26 ubuntu charon: 06[NET] sending packet: from[500] to 99.xx.xx.xx500] (804 bytes)
Nov 28 10:55:41 ubuntu charon: 11[IKE] giving up after 5 retransmits
Nov 28 10:55:41 ubuntu charon: 11[IKE] establishing IKE_SA failed, peer not

Below are contents of 'ipsec statusall'

root at ubuntu:/usr/local/etc# /usr/local/sbin/ipsec statusall
Status of IKE charon daemon (strongSwan 5.5.1, Linux 4.4.0-45-generic,
  uptime: 16 minutes, since Nov 28 10:47:26 2016
  malloc: sbrk 2433024, mmap 0, used 277712, free 2155312
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0,
scheduled: 0
  loaded plugins: charon aes des rc2 sha2 sha1 md5 random nonce x509
revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey
pem fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default
stroke vici updown xauth-generic
Listening IP addresses:
          hq:  %any...99.xx.xx.xx  IKEv1/2
          hq:   local:  uses pre-shared key authentication
          hq:   remote: [99.xx.xx.xx] uses pre-shared key authentication
          hq:   child:  dynamic === TUNNEL
Security Associations (0 up, 0 connecting):

Thank you for your time and any help will be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161128/596b01b6/attachment.html>

More information about the Users mailing list