Questions tagged [ikev1]

13 questions
1 vote, 1 answer

LibreSwan IKEv1 XAUTH VPN server -- so close and yet so far

Here's an ASCII-art diagram of my situation 192.168.10.0/24 | +---+ .7 | | A |------+ _____ +---+ | ( ) | .254 +---+ Ext IP ( ) +----Ri|…
Ex Umbris
1 vote, 2 answers

IKEv1 phase 2 fails with NO_PROPOSAL_CHOSEN but ESP proposal is correct. What else could cause this to fail?

Trying to troubleshoot an IPSec/IKEv1 VPN connection with Strongswan that is failing to complete phase 2 with NO_PROPOSAL_CHOSEN. I know the solution for this error is nearly always "double-check your phase 2 proposal", but I am 100% sure that the…
aucuparia
1 vote, 1 answer

What could cause "Selected peer config inacceptable" errors bringing up VPN with strongswan?

Trying to use Strongswan to connect to a work VPN and getting "selected peer config inacceptable" errors in the logs which I haven't been able to find any info on in Google: ~$ sudo ipsec up VDI initiating Aggressive Mode IKE_SA VDI[1] to…
aucuparia
0 votes, 2 answers

Setup l2tp using Strongswan

I set up ikev2 using Strongswan. Now I need to add l2tp support to that. What is the best and easiest method to add l2tp support to Strongswan? I appreciate any help.
Farhad Sakhaei
0 votes, 1 answer

GCP: Routing to ip alias over IKEv1 VPN without BGP

I have a private GKE cluster running in a single subnet and region. The nodes in the cluster utilize the subnet's CIDR of 10.60.0.0/16. The cluster has two secondary CIDR ranges for its pods and services (172.24.0.0/19 and 172.24.32.0/20…
Ryan Smith
0 votes, 1 answer

Strongswan: Connecting PSK & EAP at a time

I have successfully set up strongswan on a virtual server. I basically have two kinds of configurations: using EAP (username/password for Android Strongswan Client) and PSK (for iOS devices using the built-in VPN client). I am able to connect more than…
Ajji
0 votes, 2 answers

Strongswan IKEv2 for iOS devices

I want to connect a Strongswan IKEv2 VPN on iOS devices. It uses a FreeRADIUS server for AAA of users. It's already working perfectly on Android and Windows devices, but when I try to connect using the iOS device it shows the below logs. I'm manually…
Varun Taliyan
0 votes, 0 answers

Error in IKE phase 1 when trying to create IPsec tunnel with Juniper SRX 300

Less than a month ago we had to replace our old SRX 210 HE device with a new SRX 300 because the old device started to become unreliable. We had two IPsec tunnels to two different places, both working without a hitch. However, after we rebuilt the…
nyoatype
0 votes, 1 answer

Strongswan ike phase 1 failed: "IKE_SA being deleted"

I'm trying to build an IPsec tunnel between my Strongswan cloud instance and the Cisco CSR 1000V, which is from the ISP. According to the form given to me, I have to configure with the following factors in mind: Phase 1 Authentication Method: PSK Encryption…
9ieR
0 votes, 0 answers

ike-scan 0 returned handshake 0 returned notify

I need to establish a VPN connection to a specific site. I used strongswan and configured my side according to the parameters provided by the other side, but when I try to connect I get 'peer not responding'. I used ike-scan on the IP they gave to me…
0 votes, 0 answers

How to use aggressive mode + transport mode + PSK to negotiate SAs with strongswan server in NAT-T environment

I used transport mode and a NAT-T environment to negotiate SAs, and the method to authenticate the peer is PSK. When I use Main Mode, IKE negotiation can be completed normally; the logs of PSK are: Jan 6 01:24:06 09[CFG] <1> looking for pre-shared…
0 votes, 1 answer

Does ikev1 or ikev2 support a no-authentication option? If so, how can I enable that in strongswan?

For testing purposes, I want to set up an ipsec tunnel using IKEv1 or v2 (preferably v2) that does not require any authentication - so just using the protocol to agree on the secret keys of the ipsec tunnel and skipping the authentication. Is such an…
xeyipes
-1 votes, 1 answer

Cannot connect a Fortigate VPN behind a static NAT to a GCP VPN gateway

Here's the need: Connect a Fortigate device behind a static 1:1 NAT to the Internet to a Google Cloud Platform (GCP) VPN gateway. Simplified ASCII Diagram: LOCAL_LAN ---- Fortigate ----- Fiber modem ---- Internet ---- GCP VPN Gateway -----…
Hawkmx