Issue #3561
Updated by Tobias Brunner almost 5 years ago
Have an Azure P2S running on windows 10 and tried setting up on Linux Ubuntu 20.04. Followed instructions on the two pages
https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-vpn-client-configuration-azure-cert#installlinux
https://serverfault.com/questions/840920/how-connect-a-linux-box-to-an-azure-point-to-site-gateway
Startup up IPSec Azure and get the following messages.
Have tried on 2nd machine with same results.
Please let me know what other information is needed to get this connection receiving.
<pre>
sudo ipsec up azure
initiating IKE_SA azure[1] to xx.xx.xx.xx
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.110.0.254[500] to xx,xx,xx,xx[500] (796 bytes)
received packet: from xx,xx,xx,xx[500] to 10.110.0.254[500] (36 bytes)
parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]
received NO_PROPOSAL_CHOSEN notify error
</pre>
Syslog tail
<pre>
Sep 12 21:38:56 virtualpps-SERVER charon: 05[CFG] added configuration 'azure'
Sep 12 21:39:01 virtualpps-SERVER CRON[296840]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
Sep 12 21:39:04 virtualpps-SERVER charon: 07[CFG] received stroke: initiate 'azure'
Sep 12 21:39:04 virtualpps-SERVER charon: 10[IKE] initiating IKE_SA azure[1] to xx.xx.xx.xx
Sep 12 21:39:04 virtualpps-SERVER charon: 10[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 12 21:39:04 virtualpps-SERVER charon: 10[NET] sending packet: from 10.110.0.254[500] to xx.xx.xx.xx[500] (796 bytes)
Sep 12 21:39:04 virtualpps-SERVER charon: 11[NET] received packet: from xx.xx.xx.xx[500] to 10.110.0.254[500] (36 bytes)
Sep 12 21:39:04 virtualpps-SERVER charon: 11[ENC] parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]
Sep 12 21:39:04 virtualpps-SERVER charon: 11[IKE] received NO_PROPOSAvirtualpps@virtualpps
</pre>
IPSec.conf
<pre>
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
conn azure
keyexchange=ikev2
type=tunnel
leftfirewall=yes
left=%any
leftauth=eap-tls
leftid=%client # use the DNS alternative name prefixed with the %
right=azuregateway-Xxx.vpn.azure.com
rightid=%azuregateway-Xxx.vpn.azure.com
rightsubnet=0.0.0.0/0
leftsourceip=%config
auto=add
</pre>
https://docs.microsoft.com/en-us/azure/vpn-gateway/point-to-site-vpn-client-configuration-azure-cert#installlinux
https://serverfault.com/questions/840920/how-connect-a-linux-box-to-an-azure-point-to-site-gateway
Startup up IPSec Azure and get the following messages.
Have tried on 2nd machine with same results.
Please let me know what other information is needed to get this connection receiving.
<pre>
sudo ipsec up azure
initiating IKE_SA azure[1] to xx.xx.xx.xx
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.110.0.254[500] to xx,xx,xx,xx[500] (796 bytes)
received packet: from xx,xx,xx,xx[500] to 10.110.0.254[500] (36 bytes)
parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]
received NO_PROPOSAL_CHOSEN notify error
</pre>
Syslog tail
<pre>
Sep 12 21:38:56 virtualpps-SERVER charon: 05[CFG] added configuration 'azure'
Sep 12 21:39:01 virtualpps-SERVER CRON[296840]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
Sep 12 21:39:04 virtualpps-SERVER charon: 07[CFG] received stroke: initiate 'azure'
Sep 12 21:39:04 virtualpps-SERVER charon: 10[IKE] initiating IKE_SA azure[1] to xx.xx.xx.xx
Sep 12 21:39:04 virtualpps-SERVER charon: 10[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Sep 12 21:39:04 virtualpps-SERVER charon: 10[NET] sending packet: from 10.110.0.254[500] to xx.xx.xx.xx[500] (796 bytes)
Sep 12 21:39:04 virtualpps-SERVER charon: 11[NET] received packet: from xx.xx.xx.xx[500] to 10.110.0.254[500] (36 bytes)
Sep 12 21:39:04 virtualpps-SERVER charon: 11[ENC] parsed IKE_SA_INIT response 0 [ N(NO_PROP) ]
Sep 12 21:39:04 virtualpps-SERVER charon: 11[IKE] received NO_PROPOSAvirtualpps@virtualpps
</pre>
IPSec.conf
<pre>
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
conn azure
keyexchange=ikev2
type=tunnel
leftfirewall=yes
left=%any
leftauth=eap-tls
leftid=%client # use the DNS alternative name prefixed with the %
right=azuregateway-Xxx.vpn.azure.com
rightid=%azuregateway-Xxx.vpn.azure.com
rightsubnet=0.0.0.0/0
leftsourceip=%config
auto=add
</pre>