[Swan] Windows IKEv2 Error 809

Paul Wouters paul at nohats.ca
Tue May 24 14:33:49 UTC 2016

On Mon, 23 May 2016, Tom Robinson wrote:

> I've having trouble connecting Windows 8 to libreswan (version 3.15-5) using IKEv2. I get the 809 error.
> The ipsec connection I have configured is copied from another libreswan host (version 3.13-1) that
> does work (we're migrating) but I can't seem to locate the issue on the new server.
> The connection appears to succeed on the server. Then, on the Windows 8 client, I see a message
> "Verifying your credentials" after which I see the "Error 809: ..." message.
> Here's my log of the connection:

> May 23 11:29:39 apex pluto[29341]: "ikev2-cp"[1] #9: STATE_PARENT_R2: received v2I2,
> PARENT SA established tunnel mode {ESP/NAT=>0xefe27442 <0x1fd6e1dc xfrm=AES_128-HMAC_SHA1 NATOA=none
> NATD= DPD=active}

So the tunnel came up fine. I am not sure why Windows is rejecting it.

> For my own sanity, is someone able to run their eyes over this?

Looked fine. Perhaps it is a timing/clock issue with the certificate?


More information about the Swan mailing list