[strongSwan] Unable to connect to the VPN server from ubuntu via nm-strongswan
kabanov.box at icloud.com
Sat Apr 15 10:38:55 CEST 2017
What I have:
strongswan 5.2.1 on Bananapi.
That's what I want to use to connect:
Linux on desktop.
These files were created:
CA private key;
VPN host private key;
VPN host certificate;
Client private key;
Client certificate (.pem and .p12 for iOS).
IPsec configuration file (server):
# ipsec.conf - strongSwan IPsec configuration file
charondebug="cfg 2, dmn 2, ike 2, net 2"
Secrets file (server):
# This file holds shared secrets or RSA private keys for authentication.
# RSA private key for this host, authenticating it to any other host
# which knows the public part.
# this file is managed with debconf and will contain the automatically
: RSA vpn-host-key.pem
I can connect from my iOS devices, but from Ubuntu (16.10 and now 17.04)
with network-manager-strongswan (1.4.1-1) I can't (Vpn connection failed).
bananapi(server) tail -f /var/log/syslog:
Apr 15 13:32:32 bananapi charon: 08[CFG] no matching peer config found
Apr 15 13:32:32 bananapi charon: 08[IKE] processing INTERNAL_IP4_ADDRESS
Apr 15 13:32:32 bananapi charon: 08[IKE] processing INTERNAL_IP4_DNS
Apr 15 13:32:32 bananapi charon: 08[IKE] processing INTERNAL_IP4_NBNS
Apr 15 13:32:32 bananapi charon: 08[IKE] peer supports MOBIKE
Apr 15 13:32:32 bananapi charon: 08[ENC] generating IKE_AUTH response 1
[ N(AUTH_FAILED) ]
Apr 15 13:32:32 bananapi charon: 08[NET] sending packet: from
192.168.0.101 to 85.140.*.* (76 bytes)
Apr 15 13:32:32 bananapi charon: 03[NET] sending packet: from
192.168.0.101 to 85.140.*.*
Apr 15 13:32:32 bananapi charon: 08[IKE] IKE_SA (unnamed) state
change: CONNECTING => DESTROYING
Settings of vpn-connection (network manager Ubuntu):
Adress: ip adress of the bananapi
Certificate: CA certificate (.pem)
Authentication: Certificate/private key
Certificate: Client certificate(.pem)
Private key: Client private key(.pem)
Please indicate where I made a mistake.
More information about the Users