[Swan] After upgrade, "No connection has been authorized with policy PSK+IKEV1_ALLOW"
hugh at csparks.com
Fri Sep 20 19:39:34 UTC 2019
New list member here.
I have a server running Libreswan to allow iphone and Windows clients access to the office LAN. This has worked for many years.
(I never needed to join this list.)
Recently, I did three server upgrades in quick succession going from fedora 27 to fedora 30. Something along the way broke the
When either type of client tries to make a connection, I see this message in the server journal:
pluto: packet from p.q.r.s:t: \
initial Main Mode message received on a.b.c.d:500
but no connection has been authorized with policy PSK+IKEV1_ALLOW
Fedora 27 with libreswan-3.27-1.fc27.x86_64
Fedora 30 with libreswan-3.29-1.fc30.x86_64
This command shows everything [OK]
This command adds the connection with no errors reported:
ipsec auto --add L2TP-PSK
Some configuration files:
("a.b.c.d" is the public IP address of my server)
: PSK "some long key phrase"
I can send more files if necessary, but it appears that the connection process never gets past "pluto"
Clients tested are "Windows 10 version 1903" and "iOS 12.4.1"
The client settings are for L2TP/IPSEC with PSK.
I have downloaded and searched the mailing list archives.
I found two threads, but none with any clear resolution.
All suggestions appreciated.
Mail: hugh at csparks.com <mailto:hugh at csparks.com> Office: 952-955-2800
More information about the Swan