Problem with the final step

[fed17]

I'm running
root@test:/home/soc/ikeforce# python ikeforce.py 192.168.1.9 -b -i 3000 -k abc123 -u fed -w t.txt -t 5 2 65001 2
After that the final debug message is
--------------------Received Packet Number: 2--------------------

Duplicate of packet 1, discarding
Duplicate packet count: 1

I'm testing my openswan server with config and secrets
ipsec.secrets
192.168.1.9 %any : PSK "abc123"
192.168.1.9 @3000: PSK "abc123"
@fed : XAUTH "aaa"
ipsec.config
conn iketest
leftxauthserver=yes
pfs=yes
#rekey=no
leftmodecfgserver=yes
rightmodecfgclient=yes
#modecfgpull=yes

    rightid=@3000
    rightxauthclient=yes
    left=192.168.1.9
    leftid=@moon.strongswan.org
    leftsubnet=10.1.0.0/24
    right=%any
    authby=secret
    ike=3des-sha;modp1024
    aggrmode=yes
    auth=esp
    esp=3des-sha1
    auto=add

Ikeforce is working while searching for groupID, correct ID was found but it doesn't work with the password
Could you help me?
Thank you

[f0cker]

can you paste the output with debugging enabled using -d?

[fed17]

out.txt

[f0cker]

anything in the strongswan logs? it should be sending an xauth authentication request from the strongswan side next. Maybe xauth is not setup correctly in the strongswan config.

[fed17]

[fed17]

as I understood from different tutorials, I should only enable leftxauthserver, rightxauthclient and add @username : XAUTH "pass" in secrets' file

[f0cker]

the strongswan logs will be your best bet, let me know if I can help any further. you can also test a connection with -c which should do all of the IKE negotiation and provide you with the details to use for ESP. however, bear in mind it's just for testing so there's limited capabilities without adding to the code

[3000]

Hi! Looks like i've been added to your project by mistake! My username is 3000 on github. Can you please remove me from this notification/thread? Thanks! Stuart

…

On Tue, May 9, 2017 at 10:20 PM, f0cker ***@***.***> wrote: the strongswan logs will be your best bet, let me know if I can help any further. you can also test a connection with -c which should do all of the IKE negotiation and provide you with the details to use for ESP. however, bear in mind it's just for testing so there's limited capabilities without adding to the code — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#6 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AA6onIG23vubqtIGRSN_EBALqCb6fNIGks5r4Fn8gaJpZM4NSypI> .