Comments on How to Setup IKEv2 IPSec VPN Using strongSwan and Let's Encrypt on Rocky Linux 9
In this tutorial, you will learn how to set up an IKEv2 IPSec VPN on a Rocky Linux 9 server using strongSwan with EAP-MSCHAPv2 authentication and Let's Encrypt SSL certificates. You will also learn how to connect to the VPN using Windows, macOS, Linux, and Android clients.
Comments
Hi, I followed this tutorial to configure StrongSwan in Alma9. The strongswan server is running properly. When we connect to the VPN in Windows 10, it shows "Policy match error".
Strongswan service is working fine.
● strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl
Loaded: loaded (/usr/lib/systemd/system/strongswan.service; enabled; preset: disabled)
Active: active (running) since Mon 2023-05-29 22:41:35 IST; 2s ago
Process: 9173 ExecStartPost=/usr/sbin/swanctl --load-all --noprompt (code=exited, status=0/SUCCESS)
Main PID: 9148 (charon-systemd)
Status: "charon-systemd running, strongSwan 5.9.10, Linux 5.14.0-284.11.1.el9_2.x86_64, x86_64"
Tasks: 17 (limit: 24094)
Memory: 3.6M
CPU: 69ms
CGroup: /system.slice/strongswan.service
##############################################################
loaded certificate from '/etc/strongswan/swanctl/x509/fullchain.pem'
loaded certificate from '/etc/strongswan/swanctl/x509ca/chain.pem'
loaded private key from '/etc/strongswan/swanctl/private/privkey.pem'
loaded eap secret 'eap-User1'
no authorities found, 0 unloaded
loaded pool 'pool-ipv4'
successfully loaded 1 pools, 0 unloaded
loaded connection 'ikev2-eap-mschapv2'
successfully loaded 1 connections, 0 unloaded
Started strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
14[NET] received packet: from 103.69.38.19[500] to 172.30.10.5[500] (1104 bytes)
14[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(FRAG_SUP) N(NATD_S_IP) N(NATD_D_IP) V V V V ]
14[IKE] no IKE config found for 172.30.10.5...10.10.1.5, sending NO_PROPOSAL_CHOSEN
14[ENC] generating IKE_SA_INIT response 0 [ N(NO_PROP) ]
14[NET] sending packet: from 172.30.10.5[500] to [500] (36 bytes)
Please suggest how to fix it.