Hello! I followed this guide (https://dc77312.wordpress.com/2019/01/08/libreswan-ipsec-vpn-on-centos-7-and-windows-10/) to setup a VPN server, but upon connecting all I get is "Policy match error". I cannot find what Windows is proposing, or why it is failing. Could anyone help?
I tried adding other algorithms and hashes to the config file, and even tried these that another server negotiated with Windows: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
I also added the registry option to enable modp2048.
One of the leads I tried following is this PRF_HMAC_SHA2_256, which I tried adding, but would not pass config verifications.
But no debug option would tell me exactly why it's failing or what proposal was being requested. The log only states NO PROPOSAL CHOSEN. How do I get it to tell me the REQUESTED? Also, information about how to get more information from Windows' logs would be greatly appreciated.
Log file is too large: https://docs.google.com/document/d/1-84JBWh4s6wjQ2zlmkkJzUx2Qbixnr-A2qegwtaFRY4/edit?usp=sharing
No comments:
Post a Comment