Public bug reported:
My connection works in 20.04 and fails in 22.04. Perhaps something i've
been using is now depricated? Or perhaps jammy strongswan is...still
working on it?
This is the output i get in 22.04:
initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
parsed ID_PROT response 0 [ SA V V V ]
received XAuth vendor ID
received DPD vendor ID
received NAT-T (RFC 3947) vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
no shared key found for '1.i.p.2'[1.i.p.2] - '2.i.p.7'[2.i.p.7]
no shared key found for 1.i.p.2 - 2.i.p.7
generating INFORMATIONAL_V1 request 402437601 [ N(INVAL_KE) ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (56 bytes)
establishing connection 'myvp7' failed
This is the output i get in 20.04:
initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (180 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (136 bytes)
parsed ID_PROT response 0 [ SA V V V ]
received XAuth vendor ID
received DPD vendor ID
received NAT-T (RFC 3947) vendor ID
selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 1.i.p.2[500] to 2.i.p.7[500] (372 bytes)
received packet: from 2.i.p.7[500] to 1.i.p.2[500] (372 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
local host is behind NAT, sending keep alives
generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (108 bytes)
received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (76 bytes)
parsed ID_PROT response 0 [ ID HASH ]
IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
scheduling reauthentication in 3397s
maximum IKE_SA lifetime 3577s
generating QUICK_MODE request 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
sending packet: from 1.i.p.2[4500] to 2.i.p.7[4500] (204 bytes)
received packet: from 2.i.p.7[4500] to 1.i.p.2[4500] (204 bytes)
parsed QUICK_MODE response 3605139670 [ HASH SA No ID ID NAT-OA NAT-OA ]
selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
CHILD_SA myvp7{1} established with SPIs ce997cf9_i ccdb93e8_o and TS
1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
connection 'myvp7' established successfully
my ipsec.conf:
conn myvp7
right=2.i.p.7
rightprotoport=17/1701
leftprotoport=17/1701
left=%defaultroute
keyexchange=ikev1
type=transport
authby=secret
auto=add
my ipsec.secrets:
: PSK ...
** Affects: strongswan (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951832
Title:
no shared key found in 22.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1951832/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
