Discussion:
[Swan] no connection has been authorized with policy PSK+IKEV1_ALLOW
Glenn Pierce
2016-04-01 22:06:23 UTC
Permalink
So I am still trying to to implement http://89.200.143.48:8000/f/511e58a0c0/

I am trying to use PSK for simplicity and I was having no luck with keys.

With keys or PSK I get the following similar errors

ind_next_host_connection policy=PSK+IKEV1_ALLOW
Apr 01 22:44:19 ****.memset.net pluto[31625]: |
find_next_host_connection returns empty
Apr 01 22:44:19 ****.memset.net pluto[31625]: packet from ******:1024:
initial Main Mode message received on *******:500 but no connection
has been authorized with policy PSK+IKEV1_ALLOW


Any ideas what this could be

My conf (changed ips)

conn tunnel
phase2alg=aes256-sha1;modp1024
pfs=no
keyexchange=ike
ike=aes256-sha1;modp1024
left=192.168.1.122
leftid=@192.168.1.122
#leftnexthop=89.129.247.157
right=82.200.139.212
rightid=@82.200.139.212
authby=secret
# load and initiate automatically
auto=start

conn priv
also= tunnel
leftsubnet=10.0.128.0/22
rightsubnet=192.168.1.222/32

conn server
also=tunnel
leftsubnet=82.200.139.212/32
rightsubnet=192.168.2.1/32


My secrets

%any %any : PSK "test" # Only for testing :)


Thanks for any help.

Seems like changing the settings has no effect on the errors. Seems
like I have tried lots of combinations.
Paul Wouters
2016-04-01 23:50:40 UTC
Permalink
Looks like your connection did not load. Run ipsec auto --add server to see error?

Sent from my iPhone
Post by Glenn Pierce
So I am still trying to to implement http://89.200.143.48:8000/f/511e58a0c0/
I am trying to use PSK for simplicity and I was having no luck with keys.
With keys or PSK I get the following similar errors
ind_next_host_connection policy=PSK+IKEV1_ALLOW
Apr 01 22:44:19 ****.memset.net pluto[31625]: |
find_next_host_connection returns empty
initial Main Mode message received on *******:500 but no connection
has been authorized with policy PSK+IKEV1_ALLOW
Any ideas what this could be
My conf (changed ips)
conn tunnel
phase2alg=aes256-sha1;modp1024
pfs=no
keyexchange=ike
ike=aes256-sha1;modp1024
left=192.168.1.122
#leftnexthop=89.129.247.157
right=82.200.139.212
authby=secret
# load and initiate automatically
auto=start
conn priv
also= tunnel
leftsubnet=10.0.128.0/22
rightsubnet=192.168.1.222/32
conn server
also=tunnel
leftsubnet=82.200.139.212/32
rightsubnet=192.168.2.1/32
My secrets
%any %any : PSK "test" # Only for testing :)
Thanks for any help.
Seems like changing the settings has no effect on the errors. Seems
like I have tried lots of combinations.
_______________________________________________
Swan mailing list
https://lists.libreswan.org/mailman/listinfo/swan
Loading...