I'm new to these VPN things. I'm using strongSwan 5.8.2 with a swanctl config to establish my SA, using PSK. I'm integrating with a company that provides me some services, and they gave me a gateway server IP which is reachable when I ping it. On my side, swanctl can load the connection and the service is running fine under systemctl, but the logs show "establishing IKE_SA failed, peer not responding" and "error writing to socket: Network is unreachable" after I initiate the connection. I used CentOS 8 for this.
This is my swanctl configuration:
    connections {
        site-2-site {
            version = 1
            local_addrs = public-ip-site1
            remote_addrs = public-ip-site2
            local_port = 500
            remote_port = 500
            proposals = aes256-sha1-modp1536
            keyingtries = 1
            rekey_time = 86400s
            local {
                auth = psk
                id = public-ip-site1
            }
            remote {
                auth = psk
                id = public-ip-site2
            }
            children {
                site-2-site {
                    esp_proposals = aes128-sha1
                    local_ts = private-ip-site1
                    remote_ts = private-ip-site2
                    life_time = 3600s
                    mode = tunnel
                }
            }
        }
    }
    secrets {
        # swanctl reads PSKs only from a named ike<suffix> subsection,
        # not from keys placed directly under secrets
        ike-site-2-site {
            secret = ThisIsPSKkey
            id-1a = public-ip-site1
            id-1b = public-ip-site2
        }
    }
Logs when I initiate the connection:
    12[CFG] vici initiate CHILD_SA 'stickearn-to-cimb'
    13[IKE] initiating Main Mode IKE_SA stickearn-to-cimb[3] to public-ip-site2
    13[ENC] generating ID_PROT request 0 [ SA V V V V V ]
    13[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    13[IKE] sending retransmit 1 of request message ID 0, seq 1
    13[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    11[IKE] sending retransmit 2 of request message ID 0, seq 1
    11[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    08[IKE] sending retransmit 3 of request message ID 0, seq 1
    08[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    13[IKE] sending retransmit 4 of request message ID 0, seq 1
    13[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    10[IKE] sending retransmit 5 of request message ID 0, seq 1
    10[NET] sending packet: from public-ip-site1[500] to public-ip-site2[500] (184 bytes)
    04[NET] error writing to socket: Network is unreachable
    07[IKE] giving up after 5 retransmits
    07[IKE] establishing IKE_SA failed, peer not responding
Is it a problem with the firewall or anything else? I kindly need your help.
Best Answer
I've passed the obstacle. You can see here.
Next, what you have to do is make a firewall rule allowing the specific IP/port.
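The question's log and the answer's firewall hint point at two different failure stages, and telling them apart before touching firewall rules saves time. The script below is an added example, not code from the question, the answer or the strongSwan project: it triages a charon log excerpt (a constructed sample modelled on the output above, with the documentation addresses 198.51.100.10 and 203.0.113.20 standing in for public-ip-site1 and public-ip-site2), separates "error writing to socket: Network is unreachable" (the kernel found no route, so no packet ever left the host and remote firewalls cannot yet be the cause) from a plain "peer not responding" (packets left, nothing came back), and prints the next commands to run for each verdict. The `ipsec` firewalld service it names covers UDP 500/4500, ESP and AH on CentOS 8.

```shell
#!/bin/sh
# Added example (not from the original post): triage a strongSwan charon log
# and separate a local routing failure from a silent remote peer.
# 198.51.100.10 (local) and 203.0.113.20 (peer) are constructed placeholders.

PEER_IP="203.0.113.20"

# Constructed sample, modelled on the charon output in the question.
SAMPLE_LOG='13[IKE] initiating Main Mode IKE_SA site-2-site[3] to 203.0.113.20
13[NET] sending packet: from 198.51.100.10[500] to 203.0.113.20[500] (184 bytes)
04[NET] error writing to socket: Network is unreachable
13[IKE] sending retransmit 1 of request message ID 0, seq 1
07[IKE] giving up after 5 retransmits
07[IKE] establishing IKE_SA failed, peer not responding'

# triage_ike_log LOG_TEXT  -> prints exactly one verdict:
#   LOCAL_ROUTING  sendto() failed with ENETUNREACH: this host has no route to
#                  the peer, nothing was transmitted; fix routing first
#   PEER_SILENT    packets were sent but nothing came back: check firewalls on
#                  both ends (UDP 500/4500, ESP) and the peer's configuration
#   NO_FAILURE     none of the failure markers are present
triage_ike_log() {
    log="$1"
    if printf '%s\n' "$log" | grep -q 'error writing to socket: Network is unreachable'; then
        echo LOCAL_ROUTING
    elif printf '%s\n' "$log" | grep -q 'establishing IKE_SA failed, peer not responding'; then
        echo PEER_SILENT
    else
        echo NO_FAILURE
    fi
}

# count_retransmits LOG_TEXT -> number of IKE retransmit lines
# (charon gives up after 5 by default, as the question's log shows)
count_retransmits() {
    printf '%s\n' "$1" | grep -c 'sending retransmit' || true
}

# suggest_checks VERDICT -> prints the commands to run next on the CentOS 8 host
suggest_checks() {
    case "$1" in
        LOCAL_ROUTING)
            # "Network is unreachable" means the kernel has no route for PEER_IP:
            # the first command must print a "dev ..." line, not an error
            echo "ip route get $PEER_IP"
            echo "ip route show default"
            ;;
        PEER_SILENT)
            # confirm charon is bound to the IKE/NAT-T ports, then allow the
            # peer through the local firewall (firewalld "ipsec" service)
            echo "ss -ulnp | grep -E ':(500|4500) '"
            echo "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$PEER_IP\" service name=\"ipsec\" accept'"
            echo "firewall-cmd --reload"
            ;;
        *)
            echo "no failure marker found; nothing to do"
            ;;
    esac
}

# Stand-alone run over the constructed sample.
verdict=$(triage_ike_log "$SAMPLE_LOG")
echo "verdict: $verdict ($(count_retransmits "$SAMPLE_LOG") retransmit(s))"
suggest_checks "$verdict"
```

On a real host, feed it the output of `journalctl -u strongswan` (or `swanctl --log`) instead of the embedded sample; the verdict for the log in the question is LOCAL_ROUTING, which is why the firewall rule from the answer only helps once `ip route get` succeeds.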