IPSEC swanctl: [IKE] received (29) error notify

Started by volkerd7, January 27, 2023, 01:32:05 AM

Hi all,

I experience an issue with all my IPSEC VPNs after upgrading to 23.1:

    root@adrasteia:/usr/local/etc/swanctl # swanctl -i -i con1
    no files found matching '/usr/local/etc/strongswan.opnsense.d/*.conf'
    [IKE] initiating Aggressive Mode IKE_SA con1[5] to xx.xx.xx.xx
    [ENC] generating AGGRESSIVE request 0 [ SA KE No ID V V V V V ]
    [NET] sending packet: from xx.xx.xx.xx[500] to xx.xx.xx.xx[500] (488 bytes)
    [NET] received packet: from xx.xx.xx.xx[500] to xx.xx.xx.xx[500] (40 bytes)
    [ENC] parsed INFORMATIONAL_V1 request 0 [ N((29)) ]
    [IKE] received (29) error notify
    initiate failed: establishing IKE_SA 'con1' failed


My config:

    con1 {
        unique = replace
        aggressive = yes
        version = 1
        mobike = no
        local_addrs = xx.xx.xx.xx
        local-0 {
            id = xx.xx.xx.xx
            auth = psk
        }
        remote-0 {
            id = xx.xx.xx.xx
            auth = psk
        }
        remote_addrs = xx.xx.xx.xx
        encap = no
        proposals = aes192-sha256-modp2048
        children {
            con1-000 {
                start_action = route
                policies = yes
                mode = tunnel
                sha256_96 = no
                local_ts = 172.16.8.0/22
                remote_ts = 192.168.10.0/25
                reqid = 1
                esp_proposals = aes192-sha256-modp2048
                life_time = 3600 s
            }
        }
    }
    .
    .
    .
    secrets {
        ike-p1-0 {
            id-0 =
            id-1 = xx.xx.xx.xx
            secret = xxxxxxxxxxxxxxxxxxxxxxxxxxx
        }
    .
    .
    .
    }


I didn't change anything before the upgrade, and the partner sides didn't change either.
Does anybody have an idea about it?

Thank You!

Best Regards,
Volker

Hi Volker, I have exactly the same issue after the upgrade to 23.1.
Do you have a solution now?

Kind regards,
leo