[strongSwan] Strongswan Host-to-Host Connection Linux to Windows
IL Ka
kazakevichilya at gmail.com
Fri May 20 15:34:45 CEST 2022
What about Linux logs?
Run ``swanctl --log`` on Linux and reinitiate connection.
Which version of Windows btw?
On Fri, May 20, 2022 at 4:16 PM Tyler Phillippe <tylerphillippe at gmail.com>
wrote:
> Hello all! I am attempting to connect a Linux machine to Windows via
> Strongswan in a host-to-host configuration. I tested with Windows to
> Windows using the built-in firewall and it connected instantly. I changed
> the default Windows integrity and encryption ciphers and I think I changed
> them in the Linux Strongswan configuration. However, I am not getting any
> connection between the hosts and I can't find any logs on the Windows
> machine to help me narrow down what the issue is. It definitely does not
> work, since the SSH session on the Linux machine fails out. Below is the
> swanctl.conf file on my Linux machine. And, I know it's not the most secure
> method - I'm just trying to get it to initially connect with a PSK since
> that's the simplest for now. Windows doesn't support modp3072
> unfortunately, so I had to manually set the Linux config below to modp2048.
> The Windows firewall is set to use AES-CBC 128, SHA-256, MODP2048 for key
> exchange and ESP AES-CBC 128, SHA-256 for data protection. What am I doing
> wrong? Thanks everyone!!
>
> connections {
> linuxHost {
> local_addrs = (Linux machine)
> remote_addrs = (Windows machine)
> proposals = aes128-sha256-modp2048
> local {
> auth = psk
> }
> remote {
> auth = psk
> }
> children {
> linuxHost {
> esp_proposals = aes128-sha256-modp2048
> mode = transport
> }
> }
> version = 2
> reauth_time = 10800
> }
> }
>
> secrets {
> ike {
> secret = <psk>
> }
> }
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20220520/bc7a7586/attachment.html>
More information about the Users
mailing list