My VPN server works without problems on my iPhone. But I can't connect on Windows 10. I think the problem is related to the certificate. Here is what I did:
ipsec pki --gen --type rsa --size 4096 --outform pem > ~/pki/private/ca-key.pem
Then:
ipsec pki --self --ca --lifetime 3650 --in ~/pki/private/ca-key.pem \
--type rsa --dn "CN=VPN root CA" --outform pem > ~/pki/cacerts/ca-cert.pem
I created a private key for my VPN server:
ipsec pki --gen --type rsa --size 4096 --outform pem > ~/pki/private/server-key.pem
The last command is for signing:
ipsec pki --pub --in ~/pki/private/server-key.pem --type rsa \
| ipsec pki --issue --lifetime 1825 \
--cacert ~/pki/cacerts/ca-cert.pem \
--cakey ~/pki/private/ca-key.pem \
--dn "CN=server_domain_or_IP" --san "server_domain_or_IP" \
--flag serverAuth --flag ikeIntermediate --outform pem \
> ~/pki/certs/server-cert.pem
When this was done, I copied my certificate using this command (with --- BEGIN CERTIFICATE --- and --- END CERTIFICATE ----)
cat /etc/ipsec.d/cacerts/ca-cert.pem
Finally, I saved it on my desktop as "ca-cert.pem". Then I loaded it in "mmc.exe".
I don't know how I should share my log data. I hope this will be useful:
May 15 18:24:09 vpn kernel: [97907.255740] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=176.113.115.248 DST=23.239.94.13 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=41309 PROTO=TCP SPT=47749 DPT=37177 WINDOW=1200 RES=0x00 RST URGP=0
May 15 18:24:11 vpn kernel: [97908.460524] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=195.54.160.30 DST=23.239.94.13 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37663 PROTO=TCP SPT=47749 DPT=28034 WINDOW=1200 RES=0x00 RST URGP=0
May 15 18:24:12 vpn kernel: [97909.525913] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=213.217.0.201 DST=23.239.94.13 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=36047 PROTO=TCP SPT=58344 DPT=6905 WINDOW=1200 RES=0x00 RST URGP=0
May 15 18:24:35 vpn kernel: [97933.000755] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=49.88.112.115 DST=23.239.94.13 LEN=67 TOS=0x00 PREC=0x00 TTL=41 ID=36536 DF PROTO=TCP SPT=20478 DPT=22 WINDOW=229 RES=0x00 ACK PSH URGP=0
May 15 18:24:39 vpn systemd[1]: Started Session 42 of user root.
May 15 18:25:12 vpn systemd[1]: Started Session 43 of user root.
May 15 18:25:28 vpn kernel: [97985.726724] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=49.88.112.115 DST=23.239.94.13 LEN=908 TOS=0x00 PREC=0x00 TTL=41 ID=11808 DF PROTO=TCP SPT=44687 DPT=22 WINDOW=229 RES=0x00 ACK PSH URGP=0
May 15 18:25:29 vpn kernel: [97986.746509] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=80.82.69.130 DST=23.239.94.13 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=23407 PROTO=TCP SPT=40524 DPT=30110 WINDOW=1200 RES=0x00 RST URGP=0
May 15 18:25:31 vpn charon: 07[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (1104 bytes)
May 15 18:25:31 vpn charon: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 15 18:25:31 vpn charon: 07[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
May 15 18:25:31 vpn charon: 07[IKE] received MS-Negotiation Discovery Capable vendor ID
May 15 18:25:31 vpn charon: 07[IKE] received Vid-Initial-Contact vendor ID
May 15 18:25:31 vpn charon: 07[ENC] received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 15 18:25:31 vpn charon: 07[IKE] 78.183.46.165 is initiating an IKE_SA
May 15 18:25:31 vpn charon: 07[IKE] remote host is behind NAT
May 15 18:25:31 vpn charon: 07[IKE] received proposals inacceptable
May 15 18:25:31 vpn charon: 07[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
May 15 18:25:31 vpn charon: 07[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (36 bytes)
May 15 18:25:37 vpn charon: 08[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 15[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (128 bytes)
May 15 18:25:37 vpn ipsec[22329]: 06[IKE] sending DPD request
May 15 18:25:37 vpn ipsec[22329]: 06[ENC] generating INFORMATIONAL request 0 [ ]
May 15 18:25:37 vpn ipsec[22329]: 06[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 05[IKE] retransmit 1 of request with message ID 0
May 15 18:25:37 vpn ipsec[22329]: 05[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] retransmit 2 of request with message ID 0
May 15 18:25:37 vpn ipsec[22329]: 07[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 08[IKE] retransmit 3 of request with message ID 0
May 15 18:25:37 vpn ipsec[22329]: 08[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 09[IKE] retransmit 4 of request with message ID 0
May 15 18:25:37 vpn ipsec[22329]: 09[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 10[IKE] retransmit 5 of request with message ID 0
May 15 18:25:37 vpn ipsec[22329]: 10[NET] sending packet: from 23.239.94.13[4500] to 78.183.46.165[4500] (80 bytes)
May 15 18:25:37 vpn ipsec[22329]: 11[IKE] giving up after 5 retransmits
May 15 18:25:37 vpn ipsec[22329]: 14[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (1104 bytes)
May 15 18:25:37 vpn ipsec[22329]: 14[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] received MS-Negotiation Discovery Capable vendor ID
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] received Vid-Initial-Contact vendor ID
May 15 18:25:37 vpn ipsec[22329]: 14[ENC] received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] 78.183.46.165 is initiating an IKE_SA
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] remote host is behind NAT
May 15 18:25:37 vpn ipsec[22329]: 14[IKE] received proposals inacceptable
May 15 18:25:37 vpn ipsec[22329]: 14[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 14[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (36 bytes)
May 15 18:25:37 vpn ipsec[22329]: 15[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 15[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 15[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn ipsec[22329]: 15[ENC] generating INFORMATIONAL_V1 request 73840341 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 15[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:37 vpn charon: 08[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 16[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 16[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 16[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn ipsec[22329]: 16[ENC] generating INFORMATIONAL_V1 request 499242672 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 16[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:37 vpn ipsec[22329]: 06[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 06[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 06[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn ipsec[22329]: 06[ENC] generating INFORMATIONAL_V1 request 2407059184 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 06[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:37 vpn ipsec[22329]: 05[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 05[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 05[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn ipsec[22329]: 05[ENC] generating INFORMATIONAL_V1 request 506069727 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 05[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:37 vpn ipsec[22329]: 07[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (1104 bytes)
May 15 18:25:37 vpn ipsec[22329]: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] received MS NT5 ISAKMPOAKLEY v9 vendor ID
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] received MS-Negotiation Discovery Capable vendor ID
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] received Vid-Initial-Contact vendor ID
May 15 18:25:37 vpn ipsec[22329]: 07[ENC] received unknown vendor ID: 01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] 78.183.46.165 is initiating an IKE_SA
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] remote host is behind NAT
May 15 18:25:37 vpn ipsec[22329]: 07[IKE] received proposals inacceptable
May 15 18:25:37 vpn ipsec[22329]: 07[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
May 15 18:25:37 vpn ipsec[22329]: 07[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (36 bytes)
May 15 18:25:37 vpn ipsec[22329]: 08[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:37 vpn ipsec[22329]: 08[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:37 vpn ipsec[22329]: 08[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn charon: 08[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:37 vpn ipsec[22329]: 08[ENC] generating INFORMATIONAL_V1 request 632707512 [ N(NO_PROP) ]
May 15 18:25:37 vpn charon: 08[ENC] generating INFORMATIONAL_V1 request 632707512 [ N(NO_PROP) ]
May 15 18:25:37 vpn charon: 08[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:38 vpn charon: 09[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:38 vpn charon: 09[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:38 vpn charon: 09[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:38 vpn charon: 09[ENC] generating INFORMATIONAL_V1 request 807779773 [ N(NO_PROP) ]
May 15 18:25:38 vpn charon: 09[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:39 vpn charon: 10[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:39 vpn charon: 10[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:39 vpn charon: 10[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:39 vpn charon: 10[ENC] generating INFORMATIONAL_V1 request 1343220388 [ N(NO_PROP) ]
May 15 18:25:39 vpn charon: 10[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:25:42 vpn charon: 11[NET] received packet: from 78.183.46.165[500] to 23.239.94.13[500] (408 bytes)
May 15 18:25:42 vpn charon: 11[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:42 vpn charon: 11[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:42 vpn charon: 11[ENC] generating INFORMATIONAL_V1 request 105441442 [ N(NO_PROP) ]
May 15 18:25:42 vpn charon: 11[NET] sending packet: from 23.239.94.13[500] to 78.183.46.165[500] (40 bytes)
May 15 18:26:31 vpn kernel: [98049.179469] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:91:37:c0:b0:c6:9a:d4:80:01:08:00 SRC=195.54.160.30 DST=23.239.94.13 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=49198 PROTO=TCP SPT=47749 DPT=6251 WINDOW=1200 RES=0x00 RST URGP=0
May 15 18:26:33 vpn systemd[1]: Started Session 44 of user root.
May 15 18:26:48 vpn systemd[1]: Started Session 45 of user root.
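One way to read the charon lines above, as an added example that is not part of the original post: it reports at which IKE exchange the server rejected the client. In IKEv2 the certificate is only exchanged in IKE_AUTH, so a NO_PROPOSAL_CHOSEN sent at IKE_SA_INIT (or on an IKEv1 ID_PROT request) means negotiation stopped before any certificate was evaluated. The function name `triage` is this example's own, and the sample lines are copied from the log above.

```python
import re
from collections import Counter

# A few lines copied from the log above (not the whole log).
SAMPLE_LOG = """\
May 15 18:24:39 vpn systemd[1]: Started Session 42 of user root.
May 15 18:25:31 vpn charon: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 15 18:25:31 vpn charon: 07[IKE] received proposals inacceptable
May 15 18:25:31 vpn charon: 07[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
May 15 18:25:38 vpn charon: 09[ENC] parsed ID_PROT request 0 [ SA V V V V V V V V ]
May 15 18:25:38 vpn charon: 09[IKE] no IKE config found for 23.239.94.13...78.183.46.165, sending NO_PROPOSAL_CHOSEN
May 15 18:25:38 vpn charon: 09[ENC] generating INFORMATIONAL_V1 request 807779773 [ N(NO_PROP) ]
"""

# Matches both "charon:" and "ipsec[pid]:" sources; captures thread, subsystem, message.
LINE = re.compile(r"(?:charon|ipsec\[\d+\]): (\d+)\[(\w+)\] (.*)$")
PARSED = re.compile(r"parsed (\w+) request")
REJECTS = ("received proposals inacceptable", "no IKE config found")

def triage(log_text):
    """Attribute each rejection to the exchange the same worker thread was handling."""
    last_exchange = {}      # worker thread id -> exchange type of its current request
    rejections = Counter()  # exchange type -> number of rejections
    reached_auth = False
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # kernel/UFW/systemd lines carry no IKE state
        thread, _subsys, msg = m.groups()
        p = PARSED.search(msg)
        if p:
            last_exchange[thread] = p.group(1)
            reached_auth = reached_auth or p.group(1) == "IKE_AUTH"
        elif msg.startswith(REJECTS):
            # Counts double if the same event is logged by both charon and ipsec[pid].
            rejections[last_exchange.get(thread, "unknown")] += 1
    if rejections and not reached_auth:
        verdict = "proposal/config mismatch before authentication"
    elif reached_auth:
        verdict = "negotiation reached IKE_AUTH; inspect authentication lines"
    else:
        verdict = "no IKE rejection found"
    return {"rejections": dict(rejections), "reached_ike_auth": reached_auth,
            "verdict": verdict}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```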