[strongSwan] AUTH_FAILED
wessel at aule.net
wessel at aule.net
Mon Jun 15 20:58:41 CEST 2020
Hi,
I'm new to Strongswan. I have a VPN that the default Windows client can
connect to with EAP-MSCHAP v2. I am trying to get it to work from Linux.
When connecting with swanctl -I, the server doesn't proceed after initial
contact:
[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CPRQ(ADDR DNS)
SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY)
N(MSG_ID_SYN_SUP) ]
[NET] sending packet: from a.b.c.d[4500] to e.f.g.h[4500] (336 bytes)
[NET] received packet: from e.f.g.h[4500] to a.b.c.d [4500] (80 bytes)
[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
The swanctl configuration looks like:
connections {
work {
remote_addrs = vpn.work.net
vips = 0.0.0.0
local {
auth = eap-mschapv2
id = my.name
}
remote {
id = group.work.net
}
children {
net {
remote_ts = w.x.y.z/24, w.x.y.z/24
updown = /usr/local/libexec/ipsec/_updown iptables
}
}
version = 2
send_certreq = no
}
}
It looks like the server doesn't want to proceed to the EAP phase. How can I
troubleshoot this?
Kind regards,
Wessel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200615/c444c6c1/attachment.html>
More information about the Users
mailing list