IKEv2 VPN not working on Android 14 to ER605v2 (Galaxy S24 Ultra)
Hello all!
I have an ER605v2 running alongside an OC200 controller. I've previously tried to setup an IKEv2 VPN server to access my network from the internet using a flagship android device before I got the OC200, and if I remember correctly I had success.
After getting the OC200, and now using a Galaxy S24 Ultra, I cannot get the server to work. Things to consider:
- ER605 is NOT double NATted, the modem from the ISP is configured in Bridged Mode and the router has it's own public IP address.
- I've tried many, many proposal settings and I don't think that's the problem
Using the app "strongSwan" to connect, I get the following LOG:
Apr 14 13:44:50 00[DMN] +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Apr 14 13:44:50 00[DMN] Starting IKE service (strongSwan 5.9.13, Android 14 - UP1A.231005.007.S928BXXU1AXCA/2024-04-01, SM-S928B - samsung/e3qxxx/samsung, Linux 6.1.25-android14-11-28243294-abS928BXXU1AXCA, aarch64, orgDOTstrongswanDOTandroid)
Apr 14 13:44:50 00[LIB] providers loaded by OpenSSL: default legacy
Apr 14 13:44:50 00[LIB] loaded plugins: androidbridge charon android-log socket-default openssl nonce pkcs1 pem x509 xcbc kdf revocation eap-identity eap-mschapv2 eap-md5 eap-gtc eap-tls
Apr 14 13:44:50 00[JOB] spawning 16 worker threads
Apr 14 13:44:50 11[IKE] initiating IKE_SA android[18] to 190.#.#.###
Apr 14 13:44:50 11[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Apr 14 13:44:50 11[NET] sending packet: from 192.168.#.###[[35856] to 190.#.#.###[500] (948 bytes)
Apr 14 13:44:50 08[NET] received packet: from 190.#.#.###[500] to 192.168.#.###[[35856] (38 bytes)
Apr 14 13:44:50 08[ENC] parsed IKE_SA_INIT response 0 [ N(INVAL_KE) ]
Apr 14 13:44:50 08[IKE] peer didn't accept DH group ECP_256, it requested MODP_2048
Apr 14 13:44:50 08[IKE] initiating IKE_SA android[18] to 190.#.#.###
Apr 14 13:44:50 08[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Apr 14 13:44:50 08[NET] sending packet: from 192.168.#.###[[35856] to 190.#.#.###[500] (1140 bytes)
Apr 14 13:44:51 07[NET] received packet: from 190.#.#.###[500] to 192.168.#.###[[35856] (456 bytes)
Apr 14 13:44:51 07[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(MULT_AUTH) ]
Apr 14 13:44:51 07[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Apr 14 13:44:51 07[IKE] local host is behind NAT, sending keep alives
Apr 14 13:44:51 07[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., CN=Microsec e-Szigno Root CA 2009, E=info@e-szignoDOThu"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert High Assurance EV Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert, Inc., CN=DigiCert TLS RSA4096 Root G5"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TN, O=Agence Nationale de Certification Electronique, CN=TunTrust Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root R46"
Apr 14 13:44:51 07[IKE] sending cert request for "C=JP, O=SECOM TrustDOTnet, OU=Security Communication RootCA1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSLDOTcom Root Certification Authority ECC"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Assured ID Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Certainly, CN=Certainly Root R1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P384 Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Internet Security Research Group, CN=ISRG Root X1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, OU=wwwDOTxrampsecurityDOTcom, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Assured ID Root G3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=FR, O=Dhimyotis, OU=0002 48146308100036, CN=Certigna Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=China Financial Certification Authority, CN=CFCA EV ROOT"
Apr 14 13:44:51 07[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2"
Apr 14 13:44:51 07[IKE] sending cert request for "OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See wwwDOTentrustDOTnet/legal-terms, OU=(c) 2015 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G4"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium ECC"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Trusted Root G4"
Apr 14 13:44:51 07[IKE] sending cert request for "C=PL, O=Krajowa Izba Rozliczeniowa S.A., CN=SZAFIR ROOT CA2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Global Root G3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSLDOTcom Root Certification Authority RSA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=Secure Global CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA 2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST EV Root CA 1 2020"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See wwwDOTentrustDOTnet/legal-terms, OU=(c) 2012 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - EC1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign Root CA - C1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=iTrusChina Co.,Ltd., CN=vTrus Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=AT, O=e-commerce monitoring GmbH, CN=GLOBALTRUST 2020"
Apr 14 13:44:51 07[IKE] sending cert request for "C=RO, O=CERTSIGN SA, OU=certSIGN ROOT CA G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert, Inc., CN=DigiCert TLS ECC P384 Root G5"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=GoDaddyDOTcom, Inc., CN=Go Daddy Root Certificate Authority - G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Premium"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GR, O=Hellenic Academic and Research Institutions CA, CN=HARICA TLS RSA Root CA 2021"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=GUANG DON CERTIFICATE AUTHORITY CO.,LTD., CN=GDCA TrustAUTH R5 ROOT"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=Ceres, 55:04:61=VATES-Q2826004J, CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=SecureTrust Corporation, CN=SecureTrust CA"
Apr 14 13:44:51 07[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R4, O=GlobalSign, CN=GlobalSign"
Apr 14 13:44:51 07[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3"
Apr 14 13:44:51 07[IKE] sending cert request for "O=TeliaSonera, CN=TeliaSonera Root CA v1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., CN=Security Communication ECC RootCA1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign Root CA - G1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BE, O=GlobalSign nv-sa, CN=GlobalSign Root E46"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GC CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=PL, O=Asseco Data Systems S.A., OU=Certum Certification Authority, CN=Certum Trusted Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=KR, O=NAVER BUSINESS PLATFORM Corp., CN=NAVER Global Root Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 1"
Apr 14 13:44:51 07[IKE] sending cert request for "OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Networking"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Global G2 Root"
Apr 14 13:44:51 07[IKE] sending cert request for "C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1"
Apr 14 13:44:51 07[IKE] sending cert request for "O=EntrustDOTnet, OU=wwwDOTentrustDOTnet/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 EntrustDOTnet Limited, CN=EntrustDOTnet Certification Authority (2048)"
Apr 14 13:44:51 07[IKE] sending cert request for "C=FR, O=Dhimyotis, CN=Certigna"
Apr 14 13:44:51 07[IKE] sending cert request for "C=IN, OU=emSign PKI, O=eMudhra Technologies Limited, CN=emSign ECC Root CA - G3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "CN=Atos TrustedRoot 2011, O=Atos, C=DE"
Apr 14 13:44:51 07[IKE] sending cert request for "OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TR, L=Gebze - Kocaeli, O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU=Kamu Sertifikasyon Merkezi - Kamu SM, CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Google Trust Services LLC, CN=GTS Root R4"
Apr 14 13:44:51 07[IKE] sending cert request for "C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=ES, CN=Autoridad de Certificacion Firmaprofesional CIF A62634068"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CH, O=WISeKey, OU=OISTE Foundation Endorsed, CN=OISTE WISeKey Global Root GB CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=PL, O=Asseco Data Systems S.A., OU=Certum Certification Authority, CN=Certum EC-384 CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TW, O=Chunghwa Telecom Co., Ltd., CN=HiPKI Root CA - G1"
Apr 14 13:44:51 07[IKE] sending cert request for "CN=ACCVRAIZ1, OU=PKIACCV, O=ACCV, C=ES"
Apr 14 13:44:51 07[IKE] sending cert request for "C=JP, O=SECOM Trust Systems CO.,LTD., CN=Security Communication RootCA3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Internet Security Research Group, CN=ISRG Root X2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Amazon, CN=Amazon Root CA 4"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=IdenTrust, CN=IdenTrust Public Sector Root CA 1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=wwwDOTentrustDOTnet/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=FI, O=Telia Finland Oyj, CN=Telia Root CA v2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSLDOTcom EV Root Certification Authority ECC"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSLDOTcom EV Root Certification Authority RSA R2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Global Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Global Root G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=UniTrust, CN=UCA Extended Validation Root"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 EV 2009"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Certainly, CN=Certainly Root E1"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, OU=emSign PKI, O=eMudhra Inc, CN=emSign ECC Root CA - C3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017"
Apr 14 13:44:51 07[IKE] sending cert request for "serialNumber=G63287510, C=ES, O=ANF Autoridad de Certificacion, OU=ANF CA Raiz, CN=ANF Secure Server Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=ES, O=IZENPE S.A., CN=IzenpeDOTcom"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GR, O=Hellenic Academic and Research Institutions CA, CN=HARICA TLS ECC Root CA 2021"
Apr 14 13:44:51 07[IKE] sending cert request for "C=HU, L=Budapest, O=Microsec Ltd., 55:04:61=VATHU-23584497, CN=e-Szigno Root CA 2017"
Apr 14 13:44:51 07[IKE] sending cert request for "C=HU, L=Budapest, O=NetLock Kft., OU=Tan??s??tv??nykiad??k (Certification Services), CN=NetLock Arany (Class Gold) F??tan??s??tv??ny"
Apr 14 13:44:51 07[IKE] sending cert request for "C=NO, O=Buypass AS-983163327, CN=Buypass Class 3 Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=CN, O=iTrusChina Co.,Ltd., CN=vTrus ECC Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=DigiCert Inc, OU=wwwDOTdigicertDOTcom, CN=DigiCert Assured ID Root G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions ECC RootCA 2015"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Illinois, L=Chicago, O=Trustwave Holdings, Inc., CN=Trustwave Global ECC P256 Certification Authority"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=Entrust, Inc., OU=See wwwDOTentrustDOTnet/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=RO, O=certSIGN, OU=certSIGN ROOT CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST BR Root CA 1 2020"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2"
Apr 14 13:44:51 07[IKE] sending cert request for "C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Global Root CA"
Apr 14 13:44:51 07[IKE] sending cert request for "C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009"
Apr 14 13:44:51 07[IKE] sending cert request for "C=HK, ST=Hong Kong, L=Hong Kong, O=Hongkong Post, CN=Hongkong Post Root CA 3"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, O=AffirmTrust, CN=AffirmTrust Commercial"
Apr 14 13:44:51 07[IKE] sending cert request for "C=JP, O=Japan Certification Services, Inc., CN=SecureSign RootCA11"
Apr 14 13:44:51 07[IKE] sending cert request for "C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015"
Apr 14 13:44:51 07[IKE] sending cert request for "C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2"
Apr 14 13:44:51 07[IKE] establishing CHILD_SA android{16}
Apr 14 13:44:51 07[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ CPRQ(ADDR ADDR6 DNS DNS6) SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Apr 14 13:44:51 07[NET] sending packet: from 192.168.#.###[[40071] to 190.#.#.###[4500] (3116 bytes)
Apr 14 13:44:51 12[NET] received packet: from 190.#.#.###[4500] to 192.168.#.###[[40071] (76 bytes)
Apr 14 13:44:51 12[ENC] parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Apr 14 13:44:51 12[IKE] received AUTHENTICATION_FAILED notify error
Currently, this is my config, following the guide that is provided in the forum:
Any idea what can be causing the problem?
Couldn't get a Windows computer to connect either, no matter what proposals I select.
Thanks!