[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-users
Subject:    [strongSwan] Working Android 6 Native XAUTH configuration?
From:       Michael Lipp <mnl () mnl ! de>
Date:       2016-02-26 11:41:28
Message-ID: 56D039E8.1090801 () mnl ! de
[Download RAW message or body]

Hi,

does anybody have a working configuration for Android 6.0 IPSec RSA/Xauth?

I got as far as a "half open IKE_SA". Authentications were successful

11[IKE] authentication of 'C=DE, O=TLN, CN=LG-D2' with RSA successful
11[IKE] authentication of 'C=DE, O=TLN, CN=Lar' (myself) successful

XAUTH task is started:

11[IKE] queueing XAUTH task
11[ENC] generating ID_PROT response 0 [ ID SIG ]
11[NET] sending packet: from 192.168.200.2[4500] to 192.168.200.1[64868]
(348 bytes)
11[IKE] activating new tasks
11[ENC] generating TRANSACTION request 118312633 [ HASH CPRQ(X_USER X_PWD) ]
11[NET] sending packet: from 192.168.200.2[4500] to 192.168.200.1[64868]
(92 bytes)
08[NET] received packet: from 192.168.200.1[64868] to
192.168.200.2[4500] (108 bytes)

but from there on things go wrong:

08[ENC] invalid HASH_V1 payload length, decryption failed?

I searched for "invalid HASH_V1 payload length, decryption failed?" and
found several bug reports, most closed without real solution. I tried
every hint I could find there to no avail.

 - Michael


_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]