[Swan] After upgrade, "No connection has been authorized with policy PSK+IKEV1_ALLOW" [SOLVED]
Paul Wouters
paul at nohats.ca
Sat Sep 21 00:00:47 UTC 2019
On Fri, 20 Sep 2019, Hugh Sparks wrote:
> Subject: Re: [Swan] After upgrade,
> "No connection has been authorized with policy PSK+IKEV1_ALLOW" [SOLVED]
>
> The Wizard Wooters got me close enough: I added these incantations:
>
> ikev2=no
> ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024\
> esp=aes256-sha256,aes256-sha1,3des-sha1
>
> Now Windows and iphone clients work perfectly.
Note Android clients will fail, because of their sha2_256 bug. I would
recommend:
esp=aes256-sha2_512,aes256-sha1,aes256-sha2_256,3des-sha1
That causes us to prefer sha2_512 and sha1 over sha2_256, and should
work will Windows. iphone and Android clients.
> I spent 10 hours on this before I gave up and asked a question. What a great
> group!
Glad we could help!
Paul
More information about the Swan
mailing list