[strongSwan] Strongswan 5.8 built from source site-to-site issues
Noel Kuntze
noel.kuntze at thermi.consulting
Tue Jul 9 23:16:27 CEST 2019
Hello Leon,
It's just you.
Kind regards
Noel
Am 09.07.19 um 23:12 schrieb Leon K:
> Hi All,
>
> I have built Strongswan 5.8 from source on Ubuntu 18.04 and can't establish a site-to-site VPN tunnel.
>
> Tried both strongswan (swanctl,vici) and strongswan-starter (charon).
> I got this record in syslog.log:
>
> *no IKE config found for 10.5.5.254...69.X.X.X, sending NO_PROPOSAL_CHOSEN*
>
> On my production Ubuntu strongwan package (Linux strongSwan U5.6.2) it works with no issues and log records look differently (ipsec.cong/ipsec.secrets):
>
> looking for peer configs matching 10.64.1.254[34.X.X.X]...24.X.X.X[somevpn.somedomain.tld]
>
> In 5.8.0 it is looking for IKE config that matches local internal IP and remote resolved IP.
>
> I can attach my swanctl.conf and ipsec.conf+ipsec.secrets if it is necessary.
> But for now I just want to know if it is only me.
>
> Thank you
>
> <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. www.avg.com <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
>
--
Noel Kuntze
IT security consultant
GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20190709/dbe65d77/attachment.sig>
More information about the Users
mailing list