Hello,
I am not understanding why LibreSwan on CentOS 8 is not able to connect my firewall in IkeV2.
On ubuntu 18.04 the same configuration works, on CentOS I always have "NO_PROPOSAL_CHOSEN"
I can made all the changes that I want in the conf but nothing change.
ipsec.conf
conn test_vpn
left=192.168.168.100 #(LibreSwan Server)
leftsubnet=192.168.168.0/24 #(LibreSwan network)
leftid=192.168.0.158 #(Firewall Public IP)
right=192.168.0.104 #(SonicWall Public IP)
rightsubnet=10.10.0.0/16 #(SonicWall X0 Subnet)
rightid=192.168.0.104 #(SonicWall Public IP)
keyingtries=0
authby=secret
ike=3des-sha256-modp2048 #(Phase 1 - on SonicWall 3DES - SHA256 - DH 14)
ikelifetime=28800s #(Lifetime 28800)
keyexchange=ike
phase2=esp # (Phase 2)
phase2alg=aes256-sha256 #(on SonicWall - ESP - AES-256 SHA256)
salifetime=28800s #(Lifetime 28800)
ikev2=insist
pfs=no #(no PFS)
auto=add
ipsec.secrets
192.168.0.158 192.168.0.104 : PSK "pre-shared key"
Help with LibreSwan
Re: Help with LibreSwan
RHEL/CentOS 8 has turned off a lot of insecure security algorithms. Make sure that crypto-policies-scripts is installed then use update-crypto-policies (read the man page before you try to run it!) and set it to LEGACY and see if that helps.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke