Project

General

Profile

Issue #3438

Window client for Strongswan

Added by Muhammad Tufail 5 months ago. Updated 5 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
configuration
Affected version:
5.7.0
Resolution:

Description

I am working on window client for strongswan.
Is this possible that i connect vpn using username and password without certificate. i am working from some day but window client is not even connected this is is my configurations

ipsec.conf

config setup
    strictcrlpolicy=yes
    uniqueids=never
    charondebug="cfg 1, dmn 1, ike 0, net 0" 

conn win7
    left=%any
    leftsubnet=0.0.0.0/0
    leftcert=/root/strongswan/certs/vpnHostCert.pem
    leftid="C=CH, O=Pentaloop, CN=serverip" 
    keyexchange=ikev2
    right=%any
    rightsourceip=10.24.24.0/14
    leftauth=pubkey
    rightauth=eap-mschapv2
    rightsendcert=never
    rightsubnet=0.0.0.0/0
    auto=add
    eap_identity=%any
    dpdaction=clear
    dpddelay=300s
    rekey=no
    fragmentation=yes
    mobike=yes
    rightdns=8.8.8.8,8.8.4.4
    ike=3des-sha1-prfsha1-modp1024,aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024!
    esp=3des-sha1-prfsha1-modp1024,aes128gcm16-ecp256,aes256gcm16-ecp384,aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024,aes128gcm16,aes256gcm16,aes128-sha256,aes128-sha1,aes256-sha384,aes256-sha256,aes256-sha1!

I Used this user name password to connect with window client
ipsec.secret

# ipsec.secret s - strongSwan IPsec secrets fil
 : PSK PSKFORIOSCLIENT
 : RSA /root/strongswan/private/vpnHostKey.pem

PLVPN : EAP "mypassword" 

#enp2s0
#eth0

History

#1 Updated by Tobias Brunner 5 months ago

  • Status changed from New to Feedback

#2 Updated by Tobias Brunner 5 months ago

  • Category changed from windows to configuration

#3 Updated by Muhammad Tufail 5 months ago

i read that before but when i am connecting using username password these configuration are not working
ERROR "IKE authentication credentials are unacceptable"

#4 Updated by Tobias Brunner 5 months ago

i read that before but when i am connecting using username password these configuration are not working
ERROR "IKE authentication credentials are unacceptable"

So you made a mistake (e.g. server certificate invalid, missing CA certificate on the client, or in the wrong key store etc.).

Also available in: Atom PDF