FreeBSD, StrongSwan, authentication failed with certificate with Android client
dave.mehler at gmail.com
Wed Jul 15 02:15:09 UTC 2020
Adding to this I believe this is my error:
Jul 14 12:08:44 11[IKE] received TS_UNACCEPTABLE notify, no CHILD_SA built
Jul 14 12:08:44 11[IKE] closing IKE_SA due CHILD_SA setup failure
The strongswan is in a vnet-jail, said jail has a public IPv6 address
and a private IPv4 address which is natted to the host's public IPv4
address it's 192.168.5.x/24. On the connecting side home setup, single
public IPv4 address, Orbi system providing wireless, routing, nat,
private IPv4 address space of 192.168.129.0/24.
Separate but possibly related, also having issue getting Asterisk
audio going from server to remote connection.
On 7/14/20, David Mehler <dave.mehler at gmail.com> wrote:
> I've got StrongSwan set up on a vnet FreeBSD jail. I'm forwarding the
> correct UDP ports and have made a root, a server, and a client
> certificate. I've loaded the root CA in to the Android app, and have
> loaded in the .p12 file in to the app. I atempt to connect and get a
> failed authentication message. The log is quite extensive and I'm not
> seeing the specific problem. Can someone take a look and let me know
> what the issue might be?
More information about the freebsd-questions