[strongSwan] Configuration help request
Tobias Brunner
tobias at strongswan.org
Thu Apr 7 15:17:02 CEST 2022
Hi Alexey,
> 07[CFG] looking for peer configs matching
> x.x.x.x[x.x.x.x]...y.y.y.y[y.y.y.y]
> 07[CFG] no matching peer config found
> 07[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
> 07[NET] sending packet: from x.x.x.x[500] to y.y.y.y[500] (80 bytes)
>
> And the question is: why no matching peer found as peers and key is in
> place?
The peer proposes the IP addresses as identities (it's what you see in
[] in the "looking for peer configs matching ..." log message), which
clearly don't match "key" (whatever that is exactly). So just remove
those `id = key` lines (the default identities are the IP addresses) and
associate the secret with y.y.y.y (i.e. set `id-1 = y.y.y.y` there).
Regards,
Tobias
More information about the Users
mailing list