Hi Vikas,
I have checked the settings you have asked me to:
> 1: in you Android client, can you try configuring IPSec identifier same as the ikeID user in the netscreen.
Yes, I did that. Without exactly the same identifier on Android as my user has on Netscreen I am getting:
2017-04-28T12:10:35.774333+02:00 firewall firewall: NetScreen device_id=firewall [Root]system-information-00536: Rejected an IKE packet on ethernet0/9 from W.X.Y.Z:26637 to A.B.C.D:500 with cookies 0a063e6232e4fcd6 and 0000000000000000 because an initial Phase 1 packet arrived from an unrecognized peer gateway. (2017-04-28 12:10:35)
So yes, I have proper identifier on Android.
> 2: OR User/Group name same as in IKE gateway config?
This I do not understand.
> 3: Are you using any local id in the IKE gateway config?
No.
> 4: Strongswan is not working because it's using ikeV2.
Yes, StrongSwan is using ikev2 that is why I have configured new VPN config for ikev2 according to howto from my first post. And it is working perfectly fine with iOS devices. But not with StrongSwan on my Android.