[strongSwan] Is there a complete recipe about for using an AWS instance as one end?
Whit Blauvelt
whit at transpect.com
Mon Sep 11 05:08:49 CEST 2017
I'm farther along, but still stuck. Now I see with ipsec barf:
First pluto complaining multiply:
We cannot identify ourselves with either end of this connection. 172.17.10.3 or xx.yy.zz.108 are not usable
This is with xx.yy.zz.108 plainly available as an IP on a WAN interface. The
other IP, on another interface, has no reference in the config.
Then pluto advises:
packet from aa.bb.cc.245:500: initial Main Mode message received on xx.yy.zz.108:500 but no connection has been authorized with policy PSK+IKEV1_ALLOW
Note that's saying the message has been recieved on the IP which is "not
usable." I assume the connection has not been "authorized" because it was
previously rejected as "unusable"?
What are the criteria for "usable"?
Thanks,
Whit
More information about the Users
mailing list