[strongSwan] Upgrade client to 5.6.3, get AUTH_FAILED
Hoggins!
hoggins at radiom.fr
Sat Jul 14 11:39:05 CEST 2018
Hello,
I bumped into a strange problem and I was wondering if you could help me :
Sun is my StrongSWAN "server" (concentrator), and has been running
StrongSWAN 5.6.3 for a few days, no problem.
Its "clients" have various StrongSWAN versions, including Moon which was
running StrongSWAN 5.6.1. No problem.
Then I upgraded Moon to StrongSWAN 5.6.3 and Moon cannot authenticate
anymore to Sun. Sun complains about a MAC mismatch :
Jul 13 20:26:15 webfront-2 strongswan[1363]: 01[CFG] selected peer
config 'net-net'
Jul 13 20:26:15 webfront-2 strongswan[1363]: 01[IKE] tried 12 shared
keys for '1.2.3.4' - 'netnetYomama', but MAC mismatched
Jul 13 20:26:15 webfront-2 strongswan[1363]: 01[IKE] peer supports
MOBIKE
Jul 13 20:26:15 webfront-2 strongswan[1363]: 01[ENC] generating
IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Neither secrets nor config have changed on both peers, and are both
readable and listed, but the newly upgraded Moon cannot authenticate
properly and gets rejected.
Any idea?
Thank you!
Hoggins!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180714/f722c50e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180714/f722c50e/attachment.sig>
More information about the Users
mailing list