[Swan] net-to-net for road warriors
Paul Wouters
paul at nohats.ca
Wed Jan 30 03:15:07 UTC 2019
On Tue, 29 Jan 2019, Alex wrote:
> I'm sorry for all the emails, but I have more debugging info. This
> message seems to be consistent with every system on which it fails:
>
> 133 "orion-arcade" #4: STATE_PARENT_I1: sent v2I1, expected v2R1
You sent out the first packet, and never got a reply. Some possible
causes:
- local, network/cloud or remote based firewall dropping packets
- Remote end dropped the packet (eg if it only supports IKEv1, not IKEv2,
or if it only accepts IKE packets from certain IPs and you are not one
of them)
- Your packet got fragmented and failed to re-assemble. This is rare but
possible (when using fedora's recent system wide crypto policy this
unfortunately can happen)
Check the other end to see if it received the packet?
Paul
More information about the Swan
mailing list