12-06-2012 08:55 AM - edited 12-06-2012 09:01 AM
We are trying to set up an IKEv2 IPsec connection from a 184.108.40.206 controller to a linux box running strongSwan 4.5.2. We are using a PSK for authentication. These various setups all work properly: IKEv1 controller to strongSwan; IKEv2 strongSwan to strongSwan; IKEv2 controller to controller.
IKEv2 controller to strongSwan fails during IKE authentication when the strongSwan side cannot verify a message's MAC (Message Authentication Code). The PSK is definitely configured the same on both sides (it works fine with IKEv1).
The Aruba User Guide explicitly mentions that IKEv2 PSK from the controller works with strongSwan. Does anyone have experience setting this up? Are there any configuration "gotchas", or maybe some known limitations? Does anyone have a sample strongSwan config known to work?