Hello I couldn't find any examples with debian linux strongswan using swanctl.conf on the forums, the only examples I've found are for ipsec.conf.

Here is what I know we are using:

1. FortiClient VPN -> IPsec VPN

2. Pre-Shared Key

3. XAuth

Here is my non-working strongswan swanctl.conf:

connections {
	thecompanyvpn {
		remote_addrs = sa.company.com
		version = 1
		aggressive = yes
		proposals = aes256-sha256-modp1536
		local {
			auth = psk
			id = "Tunnel-A"
		}
		remote {
			auth = psk
		}
		local-xauth {
			auth = xauth
			eap_id = worker1
		}
		children {
			child_1 {
				start_action = start
				esp_proposals = aes256-sha256-modp1536
			}
		}
	}
}

secrets {
	ike-company {
		secret = "our preshared key"
	}
	eap-employee {
		id = worker1
		secret = "my secret password"
	}
}

This is the logs:

Oct 08 21:22:04 nova charon-systemd[116776]: parsed TRANSACTION request 853593004 [ HASH CPRQ(X_TYPE X_USER X_PWD) ]
Oct 08 21:22:04 nova charon-systemd[116776]: no XAuth password found for 'Tunnel-A' - '12.27.149.2'
Oct 08 21:22:04 nova charon-systemd[116776]: generating TRANSACTION response 853593004 [ HASH CP ]
Oct 08 21:22:04 nova charon-systemd[116776]: sending packet: from 192.168.5.110[4500] to 12.27.149.2[4500] (76 bytes)
Oct 08 21:22:24 nova charon-systemd[116776]: sending keep alive to 15.27.149.2[4500]
Oct 08 21:22:34 nova charon-systemd[116776]: peer did not initiate expected exchange, reestablishing IKE_SA
Oct 08 21:22:34 nova charon-systemd[116776]: reinitiating IKE_SA thecompanyvpn[1]
Oct 08 21:22:34 nova charon-systemd[116776]: initiating Aggressive Mode IKE_SA thecompanyvpn[1] to 15.27.149.2
Oct 08 21:22:34 nova charon-systemd[116776]: generating AGGRESSIVE request 0 [ SA KE No ID V V V V V ]
Oct 08 21:22:34 nova charon-systemd[116776]: sending packet: from 192.168.5.110[4500] to 15.27.149.2[4500] (428 bytes)

I would really appreciate some help fixing my configuration so that I can connect to the VPN.  Thanks for anyone reading out there!