[strongSwan] Is there a complete recipe about for using an AWS instance as one end?

Whit Blauvelt whit at transpect.com
Mon Sep 11 05:08:49 CEST 2017

I'm farther along, but still stuck. Now I see with ipsec barf:

First pluto complaining multiply:

  We cannot identify ourselves with either end of this connection. or xx.yy.zz.108 are not usable

This is with xx.yy.zz.108 plainly available as an IP on a WAN interface. The
 other IP, on another interface, has no reference in the config.

Then pluto advises:

  packet from aa.bb.cc.245:500: initial Main Mode message received on xx.yy.zz.108:500 but no connection has been authorized with policy PSK+IKEV1_ALLOW

Note that's saying the message has been recieved on the IP which is "not
usable." I assume the connection has not been "authorized" because it was
previously rejected as "unusable"?

What are the criteria for "usable"?


More information about the Users mailing list