[Swan] Azure + LibreSwan
Paul Wouters
paul at nohats.ca
Thu Sep 27 17:15:02 UTC 2018
On Thu, 27 Sep 2018, Madden, Joe wrote:
> I've ran though the output from debug but I'm not sure how to read it in order to find the azure proposal.
>
> https://pastebin.com/raw/Qdns0p5q
>
> Am I being dense - How do you tell the proposal from this log output?
That log is only of a single informational exchange for DPD. It is not
actually a rekey exchange or a response/initiator for an initial
connection.
Paul
> -----Original Message-----
> From: Paul Wouters <paul at nohats.ca>
> Sent: 26 September 2018 14:45
> To: Madden, Joe <Joe.Madden at mottmac.com>
> Cc: swan at lists.libreswan.org
> Subject: Re: [Swan] Azure + LibreSwan
>
> On Wed, 26 Sep 2018, Madden, Joe wrote:
>
>> Sep 26 10:33:24 gw pluto[788]: packet from #####:500: initial parent
>> SA message received on 87.85.199.82:500 but no connection has been
>> authorized with policy RSASIG+IKEV2_ALLOW
>>
>> The above line I suspect is the issue (Because we are not using RSK to authenticate.
>
> That error can be a bit misleading as it could be other things that are not matching. You can try running with plutodebug=all which should log all the proposals at the time and hopefully that will show something.
>
> I thought later versions of libreswan also logged the proposals in non-debug mode, so perhaps you are running an older version.
>
> Paul
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.libreswan.org%2Fmailman%2Flistinfo%2Fswan&data=01%7C01%7Cjoe.madden%40mottmac.com%7Cf5c132dd27e84fff7e8608d623c4f867%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=cVbccwnPrr%2BEbn%2Fe0MKZDfZGGTruz0Vzo7i%2FtihN2%2B8%3D&reserved=0
>
More information about the Swan
mailing list