Are you using just ipsec, or L2TP?
On Wed, Jan 23, 2013 at 11:48 PM, Jan Lambertz <jd.arb...@googlemail.com> wrote:
> Hi,
>
> Running OpenBSD 5.2 AMD64 release as homeserver.
> Got Andoid 2.3 Samsung Mobile.
> Want to connect via vpn IPSEC.
> Config:
> ike passive esp tunnel from any to any \
> main auth hmac-sha1 enc des \
> quick auth hmac-sha1 enc des \
> srcid dstid (testted different things here without effect) \
> psk "test123"
>
>
> Also changed any to any to more concise settings, without effect.
> local ip and peer any didnt help, too.
>
>
> Jan 24 08:41:37 puffy isakmpd[10830]: attribute_unacceptable:
> ENCRYPTION_ALGORITHM: got 3DES_CBC, expected DES_CBC
> Jan 24 08:41:37 puffy isakmpd[10830]: attribute_unacceptable:
> ENCRYPTION_ALGORITHM: got 3DES_CBC, expected DES_CBC
> Jan 24 08:41:38 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
> proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
> 178.26.160.62
> Jan 24 08:41:38 puffy isakmpd[10830]: dropped message from 89.204.138.90
> port 51210 due to notification type INVALID_ID_INFORMATION
> Jan 24 08:41:50 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
> proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
> 178.26.160.62
> Jan 24 08:41:50 puffy isakmpd[10830]: dropped message from 89.204.138.90
> port 51210 due to notification type INVALID_ID_INFORMATION
> Jan 24 08:41:58 puffy isakmpd[10830]: responder_recv_HASH_SA_NONCE: peer
> proposed invalid phase 2 IDs: initiator id 10.166.112.90, responder id
> 178.26.160.62
> Jan 24 08:41:58 puffy isakmpd[10830]: dropped message from 89.204.138.90
> port 51210 due to notification type INVALID_ID_INFORMATION
>
>
> 89.204.138.90 seems to be the mobile
> 10.166.112.90 ?? whats this ?
>
> btw. im using the standard vpn client built in android. before i can
> connect i have to enter a username / pw (not psk). is ipsec about username
> / pw stuff ? could find it anywhere in the manuals.
>
>
> thanks
