[Swan] windows 10 Policy Match Error
Nels Lindquist
nlindq at maei.ca
Thu Sep 12 18:56:15 UTC 2019
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2019/09/09 11:19 p.m., Computerisms Corporation wrote:
> Greetings Gurus,
>
> Having updated a good number of my firewalls to debian bullseye
> and libreswan 3.29, seemed reasonable to continue the quest.
What version were you upgrading from? Was it older than 3.28?
> Then I came across one that has had me stumped for a while now.
>
> Windows 10 gives policy match error, and libreswan logs gives a
> no-proposal-chosen error. I found and read lots of stuff that is
> pretty much all just details to this entry on the wiki:
>
> https://libreswan.org/wiki/FAQ#Microsoft_Windows_connection_attempts_fail_with_NO_POROPOSAL_CHOSEN
>
> I have tried the registry entry, I have tried the ike= and esp=
> entries, as well as some entries that have worked in the past for
> me.
>
> Have tried removing libreswan entirely and recompiling and
> reinstalling, just in case a sun spot did something during the
> initial install.
>
> Wondering if any one has any other suggestions as to what the
> hiccup might be?
After upgrading from an older version of libreswan I experienced
similar problems with Windows.
I noted the following in CHANGES from the v3.28 release:
> * IKE: Change default connection from IKEv1 to IKEv2 [Paul]
I then included an "ikev2=no" directive in my Windows-related
configurations, and everything started working for me again.
- ----
Nels Lindquist
<nlindq at maei.ca>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEARECAAYFAl16lM8ACgkQh6z5POoOLgTpBgCfeAMo0ml+Gs/aebVaDcGkPQFF
NkcAoIjMu3HBSQRUYFfa21lMKQW8hgbU
=V4Pq
-----END PGP SIGNATURE-----
More information about the Swan
mailing list