[strongSwan] parsed CREATE_CHILD_SA response 2 [ N(TS_UNACCEPT) ], received TS_UNACCEPTABLE notify, no CHILD_SA built
Jafar Al-Gharaibeh
jafar at atcorp.com
Tue Feb 20 16:50:45 CET 2018
Sujoy,
It is really hard to help you if don't give us full information only
sending us one picture at a time. Please use test files, they are easier
to navigate than screen shots. Your last question below is a repeat to a
question that I answered before. If you want proper diagnose of the
problem please send the configuration files,logs, routing table at both
ends. see 8 at:
https://wiki.strongswan.org/projects/strongswan/wiki/HelpRequests
Make sure to increase the debug level in your ipsec.conf files at both
ends, something like:
config setup
charondebug="ike 3, net 3, mgr 3, esp 3, chd 3, dmn 3, cfg 3, knl 3"
Regards,
Jafar
On 2/20/2018 8:00 AM, Sujoy wrote:
> Hi Jafar,
>
> I am able to establish tunnel when I try to connect from LAN IP. But
> with same configuration(Firewall setting) and same OS version it
> failed to establish tunnel with *nated public IP*.
>
> What means parsed "failed to establish CHILD_SA, keeping IKE_SA".
> Please let me know if you have any idea regarding this issue.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180220/8c9d912b/attachment.html>
More information about the Users
mailing list