You are not logged in.

#1 2017-03-31 18:49:02

codedmart
Member
Registered: 2016-11-07
Posts: 25

NetworkManager, Strongswan, VPN

I setup a VPN server using algo.I installed and configured strongswan and networkmanager-strongswan. When I try to connect to the VPN I get a timeout error:

Mar 31 11:16:14 arch charon-nm[927]: 04[CFG] received initiate for NetworkManager connection my-vpn
Mar 31 11:16:14 arch charon-nm[927]: 04[CFG] using CA certificate, gateway identity 'xx.xxx.xxx.xxx'
Mar 31 11:16:14 arch charon-nm[927]: 04[IKE] initiating IKE_SA my-vpn[15] to xx.xxx.xxx.xxx
Mar 31 11:16:14 arch charon-nm[927]: 04[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mar 31 11:16:14 arch charon-nm[927]: 04[NET] sending packet: from xx.x.x.xx[51599] to xx.xxx.xxx.xxx[500] (1014 bytes)
Mar 31 11:16:14 arch NetworkManager[664]: <info>  [1490984174.5214] vpn-connection[0x25fa120,1844f282-66a7-41fc-81ac-ea075c7d441f,"my-vpn",0]: VPN plugin: state changed: starting (3)
Mar 31 11:16:14 arch charon-nm[927]: 12[NET] received packet: from xx.xxx.xxx.xxx[500] to xx.x.x.xx[51599] (289 bytes)
Mar 31 11:16:14 arch charon-nm[927]: 12[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] local host is behind NAT, sending keep alives
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] received cert request for "CN=xx.xxx.xxx.xxx"
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] sending cert request for "CN=xx.xxx.xxx.xxx"
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] authentication of 'CN=user' (myself) with ECDSA_WITH_SHA256_DER successful
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] sending end entity cert "CN=user"
Mar 31 11:16:14 arch charon-nm[927]: 12[IKE] establishing CHILD_SA my-vpn
Mar 31 11:16:14 arch charon-nm[927]: 12[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ AUTH CPRQ(ADDR DNS NBNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(M
Mar 31 11:16:14 arch charon-nm[927]: 12[NET] sending packet: from xx.x.x.xx[4500] to xx.xxx.xxx.xxx[4500] (959 bytes)
Mar 31 11:16:18 arch charon-nm[927]: 15[IKE] retransmit 1 of request with message ID 1
Mar 31 11:16:18 arch charon-nm[927]: 15[NET] sending packet: from xx.x.x.xx[4500] to xx.xxx.xxx.xxx[4500] (959 bytes)
Mar 31 11:16:25 arch charon-nm[927]: 06[IKE] retransmit 2 of request with message ID 1
Mar 31 11:16:25 arch charon-nm[927]: 06[NET] sending packet: from xx.x.x.xx[4500] to xx.xxx.xxx.xxx[4500] (959 bytes)
Mar 31 11:16:38 arch charon-nm[927]: 05[IKE] retransmit 3 of request with message ID 1
Mar 31 11:16:38 arch charon-nm[927]: 05[NET] sending packet: from xx.x.x.xx[4500] to xx.xxx.xxx.xxx[4500] (959 bytes)
Mar 31 11:16:58 arch charon-nm[927]: 10[IKE] sending keep alive to xx.xxx.xxx.xxx[4500]
Mar 31 11:17:02 arch charon-nm[927]: 11[IKE] retransmit 4 of request with message ID 1
Mar 31 11:17:02 arch charon-nm[927]: 11[NET] sending packet: from xx.x.x.xx[4500] to xx.xxx.xxx.xxx[4500] (959 bytes)
Mar 31 11:17:14 arch NetworkManager[664]: <warn>  [1490984234.9243] vpn-connection[0x25fa120,1844f282-66a7-41fc-81ac-ea075c7d441f,"my-vpn",0]: VPN connection: connect timeout exceeded.
Mar 31 11:17:14 arch charon-nm[927]: Connect timer expired, disconnecting.
Mar 31 11:17:14 arch charon-nm[927]: 13[IKE] destroying IKE_SA in state CONNECTING without notification
Mar 31 11:17:14 arch NetworkManager[664]: <info>  [1490984234.9254] vpn-connection[0x25fa120,1844f282-66a7-41fc-81ac-ea075c7d441f,"my-vpn",0]: VPN plugin: state changed: stopping (5)
Mar 31 11:17:14 arch NetworkManager[664]: <warn>  [1490984234.9257] vpn-connection[0x25fa120,1844f282-66a7-41fc-81ac-ea075c7d441f,"my-vpn",0]: VPN plugin: failed: login-failed (0)
Mar 31 11:17:14 arch NetworkManager[664]: <info>  [1490984234.9258] vpn-connection[0x25fa120,1844f282-66a7-41fc-81ac-ea075c7d441f,"my-vpn",0]: VPN plugin: state changed: stopped (6)

I have never setup a VPN or connected to one from linux so I am not sure where to go from here. Any help would be appreciated.

Offline

Board footer

Powered by FluxBB