In der Zentrale steht ein Lancom 1781VA. Das Notebook hat Linux Mint mit Strongswan.
Einrichtung nach entsprechenden Anleitungen im Internet habe ich gemacht (Presharedkey).
Allerdings kommt jedesmal bei einem Einwahlversuch die Meldung Die VPN-Verbindung konnte nicht hergestellt werden, weil die Netzwerkverbindung eine Zeitüberschreitung verursacht hat.
Um ein Problem mit der Mobilfunkverbindung auszuschliessen, habe ich das Notebook an einen anderen stationären Internet Zugang gehangen.
Die Meldung bleibt jedoch das gleiche.
Firewall am Notebook ist temporär ausgeschaltet.
Vielleicht hat ja jemand einen Tipp.
Anbei die Logdatei:
Mar 25 19:33:58 n10 NetworkManager[1264]: <info> [1679769238.3698] vpn[0x5578f9e86150,fc9a9b4d-2472-47f2-a310-edac11391b01,"VPN-Verbindung 1"]: starting strongswan
Mar 25 19:33:58 n10 NetworkManager[1264]: <info> [1679769238.3721] audit: op="connection-activate" uuid="fc9a9b4d-2472-47f2-a310-edac11391b01" name="VPN-Verbindung 1" pid=2246 uid=1000 result="success"
Mar 25 19:33:58 n10 charon-nm: 00[DMN] Starting charon NetworkManager backend (strongSwan 5.9.5)
Mar 25 19:33:58 n10 charon-nm: 00[LIB] providers loaded by OpenSSL: legacy default
Mar 25 19:33:58 n10 charon-nm: 00[KNL] unable to create IPv4 routing table rule
Mar 25 19:33:58 n10 charon-nm: 00[KNL] unable to create IPv6 routing table rule
Mar 25 19:33:58 n10 charon-nm: 00[LIB] created TUN device: tun0
Mar 25 19:33:58 n10 systemd-udevd[2888]: Using default interface naming scheme 'v249'.
Mar 25 19:33:58 n10 NetworkManager[1264]: <info> [1679769238.5149] manager: (tun0): new Tun device (/org/freedesktop/NetworkManager/Devices/5)
Mar 25 19:33:58 n10 charon-nm: 00[LIB] loaded plugins: nm-backend charon-nm aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pkcs1 pkcs7 pkcs8 sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg kernel-netlink socket-default bypass-lan eap-mschapv2
Mar 25 19:33:58 n10 charon-nm: 00[LIB] dropped capabilities, running as uid 0, gid 0
Mar 25 19:33:58 n10 charon-nm: 00[JOB] spawning 16 worker threads
Mar 25 19:33:58 n10 charon-nm: 07[IKE] installed bypass policy for 169.254.0.0/16
Mar 25 19:33:58 n10 charon-nm: 07[IKE] installed bypass policy for 192.168.87.0/24
Mar 25 19:33:58 n10 charon-nm: 07[IKE] installed bypass policy for ::1/128
Mar 25 19:33:58 n10 charon-nm: 07[IKE] installed bypass policy for 2a01:599:21d:c3f::/64
Mar 25 19:33:58 n10 charon-nm: 07[IKE] installed bypass policy for fe80::/64
Mar 25 19:33:59 n10 charon-nm: 06[CFG] received initiate for NetworkManager connection VPN-Verbindung 1
Mar 25 19:33:59 n10 charon-nm: 06[LIB] file coded in unknown format, discarded
Mar 25 19:33:59 n10 charon-nm: 06[LIB] building CRED_CERTIFICATE - X509 failed, tried 4 builders
Mar 25 19:33:59 n10 charon-nm: 06[CFG] loading CA certificate '/etc/ssl/certs/java/cacerts' failed
Mar 25 19:34:00 n10 charon-nm: 06[CFG] using gateway identity 'xyz'
Mar 25 19:34:00 n10 charon-nm: 06[IKE] initiating IKE_SA VPN-Verbindung 1[1] to 64:ff9b:
ef9Mar 25 19:34:00 n10 charon-nm: 06[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mar 25 19:34:00 n10 charon-nm: 06[NET] sending packet: from 2a01:599:21d:c3f:5aa6:c629:6855:28d1[45586] to 64:ff9b:
ef9[500] (844 bytes)Mar 25 19:34:04 n10 charon-nm: 03[IKE] retransmit 1 of request with message ID 0
Mar 25 19:34:04 n10 charon-nm: 03[NET] sending packet: from 2a01:599:21d:c3f:5aa6:c629:6855:28d1[45586] to 64:ff9b:
ef9[500] (844 bytes)Mar 25 19:34:08 n10 systemd-resolved[1238]: Using degraded feature set UDP instead of UDP+EDNS0 for DNS server 192.168.87.52.
Mar 25 19:34:11 n10 charon-nm: 08[IKE] retransmit 2 of request with message ID 0
Mar 25 19:34:11 n10 charon-nm: 08[NET] sending packet: from 2a01:599:21d:c3f:5aa6:c629:6855:28d1[45586] to 64:ff9b:
ef9[500] (844 bytes)Mar 25 19:34:24 n10 charon-nm: 12[IKE] retransmit 3 of request with message ID 0
Mar 25 19:34:24 n10 charon-nm: 12[NET] sending packet: from 2a01:599:21d:c3f:5aa6:c629:6855:28d1[45586] to 64:ff9b:
ef9[500] (844 bytes)Mar 25 19:34:48 n10 charon-nm: 13[IKE] retransmit 4 of request with message ID 0
Mar 25 19:34:48 n10 charon-nm: 13[NET] sending packet: from 2a01:599:21d:c3f:5aa6:c629:6855:28d1[45586] to 64:ff9b:
ef9[500] (844 bytes)Mar 25 19:35:00 n10 NetworkManager[1264]: <warn> [1679769300.6484] vpn[0x5578f9e86150,fc9a9b4d-2472-47f2-a310-edac11391b01,"VPN-Verbindung 1"]: connect timeout exceeded
Mar 25 19:35:00 n10 charon-nm[2886]: Connect timer expired, disconnecting.
Mar 25 19:35:00 n10 charon-nm: 14[IKE] destroying IKE_SA in state CONNECTING without notification