[Swan] RHEL7 Libreswan -> Google Cloud VPN

Patrick Bakker patrick at vanbelle.com
Thu Aug 27 00:02:54 UTC 2015


I'm trying to setup a VPN between RHEL7 and Google Cloud VPN. I keep
getting this cryptic error:

"google-tunnel" #6: ignored CCM/GCM ESP proposal 1: integrity transform
must be IKEv2_AUTH_NONE or absent
 ikev2_parent_inI2outR2_tail returned STF_FAIL with v2N_NO_PROPOSAL_CHOSEN"

This is with a barebones configuration like:
conn google-tunnel
        authby=secret
        auto=start
        type=tunnel
        left=x.x.x.x
        leftid=x.x.x.x
        leftsourceip=x.x.x.x
        leftsubnet=x.x.x.x/24
        right=y.y.y.y
        rightsubnet=y.y.y.y/16
        rightsourceip=y.y.y.y

As well as if I try to force some algorithm like:
        ike=aes-sha1
        ikev2=insist
        phase2=esp
        phase2alg=aes_gcm_c-128-null

Anybody have any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20150826/282f2732/attachment.html>


More information about the Swan mailing list