Date: Tue, 14 Jul 2020 22:15:04 -0400 From: David Mehler <dave.mehler@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: FreeBSD, StrongSwan, authentication failed with certificate with Android client Message-ID: <CAPORhP75_x_R6snkBfmst6tAOnQxRWLPBw6YY7kH78NCFxgswg@mail.gmail.com> In-Reply-To: <CAPORhP5hv9Lx4TZ8qB-np2hP8=sLrQYwtxP08-Q9PiH9uS23JA@mail.gmail.com> References: <CAPORhP5hv9Lx4TZ8qB-np2hP8=sLrQYwtxP08-Q9PiH9uS23JA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Adding to this I believe this is my error: Jul 14 12:08:44 11[IKE] received TS_UNACCEPTABLE notify, no CHILD_SA built Jul 14 12:08:44 11[IKE] closing IKE_SA due CHILD_SA setup failure Any suggestions? The strongswan is in a vnet-jail, said jail has a public IPv6 address and a private IPv4 address which is natted to the host's public IPv4 address it's 192.168.5.x/24. On the connecting side home setup, single public IPv4 address, Orbi system providing wireless, routing, nat, private IPv4 address space of 192.168.129.0/24. Separate but possibly related, also having issue getting Asterisk audio going from server to remote connection. Suggestions welcome. Thanks. Dave. On 7/14/20, David Mehler <dave.mehler@gmail.com> wrote: > Hello, > > I've got StrongSwan set up on a vnet FreeBSD jail. I'm forwarding the > correct UDP ports and have made a root, a server, and a client > certificate. I've loaded the root CA in to the Android app, and have > loaded in the .p12 file in to the app. I atempt to connect and get a > failed authentication message. The log is quite extensive and I'm not > seeing the specific problem. Can someone take a look and let me know > what the issue might be? > > Thanks. > Dave. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPORhP75_x_R6snkBfmst6tAOnQxRWLPBw6YY7kH78NCFxgswg>