[strongSwan] SAs do not establish with OpenBSD iked

Tobias Brunner tobias at strongswan.org
Tue Mar 29 09:55:12 CEST 2022


Hi,

> Mon, 2022-03-28, 10:15:36 05[CFG] conn OPENBSD_GW
> Mon, 2022-03-28, 10:15:36 05[CFG]   left=192.168.13.1
> Mon, 2022-03-28, 10:15:36 05[CFG]   leftsubnet=192.168.13.0/24
> Mon, 2022-03-28, 10:15:36 05[CFG]   leftauth=secret
> Mon, 2022-03-28, 10:15:36 05[CFG]   leftid=swan.example.com
> Mon, 2022-03-28, 10:15:36 05[CFG]   right=10.1.1.9
> Mon, 2022-03-28, 10:15:36 05[CFG]   rightsubnet=192.168.253.0/27
> Mon, 2022-03-28, 10:15:36 05[CFG]   rightid=openbsd
> Mon, 2022-03-28, 10:15:36 05[CFG]   ike=aes256-sha512-modp4096
> Mon, 2022-03-28, 10:15:36 05[CFG]   esp=aes256-sha512-modp4096
> Mon, 2022-03-28, 10:15:36 05[CFG]   dpddelay=30
> Mon, 2022-03-28, 10:15:36 05[CFG]   dpdtimeout=150
> Mon, 2022-03-28, 10:15:36 05[CFG]   sha256_96=no
> Mon, 2022-03-28, 10:15:36 05[CFG]   mediation=no
> Mon, 2022-03-28, 10:15:36 05[CFG]   keyexchange=ikev2

`rightauth=secret` is missing here (it defaults to pubkey).

Regards,
Tobias


More information about the Users mailing list