strongSwan works on one Firebox and doesn't work on another
Hi
I am trying to connect via strongSwan to a Firebox and am getting this:
Jan 25 16:44:21 00[DMN] Starting IKE service (strongSwan 5.9.3rc1, Android 10 - QKQ1.190825.002 test-keys/2021-02-01, MI 9 - Xiaomi/cepheus/Xiaomi, Linux 4.14.117-perf-gcf14da9, aarch64)
Jan 25 16:44:21 00[LIB] loaded plugins: androidbridge charon android-log openssl fips-prf random nonce pubkey chapoly curve25519 pkcs1 pkcs8 pem xcbc hmac socket-default revocation eap-identity eap-mschapv2 eap-md5 eap-gtc eap-tls x509
Jan 25 16:44:21 00[JOB] spawning 16 worker threads
Jan 25 16:44:21 06[IKE] initiating IKE_SA android[25] to 1.2.3.4
Jan 25 16:44:21 06[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Jan 25 16:44:21 06[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:23 09[IKE] retransmit 1 of request with message ID 0
Jan 25 16:44:23 09[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:26 10[IKE] retransmit 2 of request with message ID 0
Jan 25 16:44:26 10[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:31 11[IKE] retransmit 3 of request with message ID 0
Jan 25 16:44:31 11[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:37 13[IKE] giving up after 3 retransmits
Jan 25 16:44:37 13[IKE] establishing IKE_SA failed, peer not responding
Jan 25 16:44:37 13[IKE] unable to terminate IKE_SA: ID 25 not found
The very same phone can connect to another Firebox. The Firebox Phase 1 settings are the same. Ping to 1.2.3.4 from the phone works. No messages appear in Traffic Monitor (TM) on the Firebox in question. I tried from both LTE and WiFi networks. An iOS client can connect to both from the same WiFi network.
Any ideas?
thanks
Comments
@Leonid
I'd suggest looking at the logs on the Firebox (you may have to set IKE logging to the INFORMATION level).
See:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/logging/set_diagnostic_log_level_c.html
If the Firebox is refusing the connection for some reason, it should say why in those logs.
-James Carson
WatchGuard Customer Support
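The charon log posted above shows a one-sided exchange: four IKE_SA_INIT requests go out to UDP/500 and nothing ever comes back, which is a different failure class from a peer that answers and then rejects the proposal or the credentials. The triage script below is an added example, not part of the original thread or of strongSwan or WatchGuard tooling. It parses charon log lines of the shape shown in the post, counts packets sent to and received from the peer, tracks retransmits and notify errors, and classifies the outcome. Both sample logs are constructed for the example (the second one, with a peer that responds and then sends AUTHENTICATION_FAILED, is made up to show the contrasting case; addresses and timestamps are placeholders).

```python
import re
from collections import Counter

# Constructed sample 1: same shape as the log in the post above, nothing received from the peer.
LOG_NO_RESPONSE = """\
Jan 25 16:44:21 06[IKE] initiating IKE_SA android[25] to 1.2.3.4
Jan 25 16:44:21 06[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Jan 25 16:44:21 06[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:23 09[IKE] retransmit 1 of request with message ID 0
Jan 25 16:44:23 09[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:26 10[IKE] retransmit 2 of request with message ID 0
Jan 25 16:44:26 10[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:31 11[IKE] retransmit 3 of request with message ID 0
Jan 25 16:44:31 11[NET] sending packet: from 11.15.90.166[46610] to 1.2.3.4[500] (716 bytes)
Jan 25 16:44:37 13[IKE] giving up after 3 retransmits
Jan 25 16:44:37 13[IKE] establishing IKE_SA failed, peer not responding
"""

# Constructed sample 2 (hypothetical): the peer answers IKE_SA_INIT, then rejects IKE_AUTH.
LOG_PEER_REJECTS = """\
Jan 25 16:50:01 06[IKE] initiating IKE_SA android[26] to 5.6.7.8
Jan 25 16:50:01 06[NET] sending packet: from 11.15.90.166[46611] to 5.6.7.8[500] (716 bytes)
Jan 25 16:50:01 07[NET] received packet: from 5.6.7.8[500] to 11.15.90.166[46611] (440 bytes)
Jan 25 16:50:01 07[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) ]
Jan 25 16:50:02 08[NET] sending packet: from 11.15.90.166[46612] to 5.6.7.8[4500] (512 bytes)
Jan 25 16:50:02 08[NET] received packet: from 5.6.7.8[4500] to 11.15.90.166[46612] (80 bytes)
Jan 25 16:50:02 08[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Jan 25 16:50:02 08[IKE] received AUTHENTICATION_FAILED notify error
"""

# "Jan 25 16:44:21 06[IKE] message" -> timestamp, worker thread, log group, message
LINE_RE = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<thread>\d+)\[(?P<group>[A-Z]+)\] (?P<msg>.*)$")
SEND_RE = re.compile(r"sending packet: from (\S+)\[(\d+)\] to (\S+)\[(\d+)\] \((\d+) bytes\)")
RECV_RE = re.compile(r"received packet: from (\S+)\[(\d+)\] to (\S+)\[(\d+)\] \((\d+) bytes\)")
INIT_RE = re.compile(r"initiating IKE_SA \S+ to (\S+)")
RETRANSMIT_RE = re.compile(r"retransmit (\d+) of request")
NOTIFY_RE = re.compile(r"received (\S+) notify error")


def triage(log_text):
    """Classify one IKE_SA attempt from charon log lines.

    Returns a dict with the peer address, packets sent per (peer_ip, port),
    packets received per (peer_ip, port), the highest retransmit count,
    any notify errors the peer sent, and a verdict:
      no-response : client gave up and not one packet came back (path/UDP 500
                    or peer not listening; not a proposal or auth mismatch)
      peer-error  : peer answered and explicitly rejected us (notify error)
      responded   : peer answered, no rejection seen in these lines
      pending     : no reply yet but the client has not given up
    """
    peer = None
    sent, received = Counter(), Counter()
    retransmits, gave_up, notifies = 0, False, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not charon log records
        msg = m["msg"]
        if (x := INIT_RE.match(msg)):
            peer = x.group(1)
        elif (x := SEND_RE.search(msg)):
            sent[(x.group(3), int(x.group(4)))] += 1          # destination = peer
        elif (x := RECV_RE.search(msg)):
            received[(x.group(1), int(x.group(2)))] += 1      # source = peer
        elif (x := RETRANSMIT_RE.match(msg)):
            retransmits = max(retransmits, int(x.group(1)))
        elif msg.startswith("giving up after"):
            gave_up = True
        elif (x := NOTIFY_RE.match(msg)):
            notifies.append(x.group(1))

    if sum(received.values()) == 0:
        verdict = "no-response" if gave_up else "pending"
    elif notifies:
        verdict = "peer-error"
    else:
        verdict = "responded"
    return {"peer": peer, "sent": dict(sent), "received": dict(received),
            "retransmits": retransmits, "gave_up": gave_up,
            "notifies": notifies, "verdict": verdict}


if __name__ == "__main__":
    for name, log in (("no-response sample", LOG_NO_RESPONSE), ("peer-rejects sample", LOG_PEER_REJECTS)):
        r = triage(log)
        print(f"{name}: peer={r['peer']} sent={r['sent']} received={r['received']} "
              f"retransmits={r['retransmits']} notifies={r['notifies']} -> {r['verdict']}")
```

A "no-response" verdict with zero inbound packets means the client never saw an IKE_SA_INIT response, so the client's proposal was never evaluated; that is consistent with nothing showing up in Traffic Monitor and points at the path to UDP/500 on that Firebox rather than at Phase 1 settings. A "peer-error" verdict is the case where raising the Firebox IKE diagnostic log level, as suggested in the reply above, will show the reason for the rejection.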