[strongSwan] (no subject)

Yogesh Purohit yogeshpurohit2 at gmail.com
Mon Oct 29 06:42:34 CET 2018

Hi Team,

I am trying to establish tunnel with my strongswan.
But after receiving IKE_AUTH response my local strongswan end (initiator)
rejects tunnel saying ' length of TRAFFIC_SELECTOR_SUBSTRUCTURE
substructure list invalid'.

And I am unable to get the reason for the same. Because I have configured
traffic selectors matching.

IKE_Auth response which is recived is of 252 bytes, whereas when my tunnel
was established in other case IKE_AUTH response was of 204 bytes.
NOTE: I am trying the tunnel with PSK and version is IKEv2.

So is there fixed bytes of IKE_AUTH response which is expected by
strongswan for PSK.

And what does 'length of TRAFFIC_SELECTOR_SUBSTRUCTURE substructure list
invalid' means, I tried finding it in RFC, but could not find the same.

Thanks & Regards,

Yogesh Purohit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20181029/ccdcec3f/attachment.html>

More information about the Users mailing list