IPsec to a Linksys VPN router BEFVP41 not working [SOLVED]
-
Sep 23 23:41:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.24.60.0/24[0] 172.25.20.0/24[0] proto=any dir=in
Sep 23 23:41:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.0/24[0] 172.24.60.0/24[0] proto=any dir=out
Sep 23 23:41:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.0/24[0] 172.25.20.1/32[0] proto=any dir=in
Sep 23 23:41:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.1/32[0] 172.25.20.0/24[0] proto=any dir=out
Sep 23 23:41:11 racoon: INFO: unsupported PF_KEY message REGISTER
Sep 23 23:41:11 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): UDP_ENCAP Invalid argument
Sep 23 23:41:11 racoon: [Self]: INFO: x.x.x.x[500] used as isakmp port (fd=15)
Sep 23 23:41:11 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP): UDP_ENCAP Invalid argument
Sep 23 23:41:11 racoon: [Self]: INFO: x.x.x.x[4500] used as isakmp port (fd=14)
Sep 23 23:41:11 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Sep 23 23:41:11 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Sep 23 23:41:11 racoon: INFO: @(#)ipsec-tools 0.7.2 (http://ipsec-tools.sourceforge.net)I am having trouble getting the router to work with pfsense using ver 2.0, what additional info do you guys need to help me out? I see several people have IPsec working with pfsense and the same linksys so it must be something obvious, i am confident that both ends are configured the same, any help would be awesome!
-
Looks like your pfSense snapshot is a little out of date.
When is that from? That UDP_ENCAP error was fixed a while ago. I'd update and then try again, to make sure that it isn't a problem with the snapshot you're using.
Also, check Status > IPsec, see if it shows up there.
And did you add firewall rules on the IPsec tab?
-
Looks like your pfSense snapshot is a little out of date.
When is that from? That UDP_ENCAP error was fixed a while ago. I'd update and then try again, to make sure that it isn't a problem with the snapshot you're using.
Was using snapshot from the 18th, I just updated to:
2.0-ALPHA-ALPHA
built on Wed Sep 23 11:28:05 UTC 2009
FreeBSD 7.2-RELEASE-p3Also, check Status > IPsec, see if it shows up there.
And did you add firewall rules on the IPsec tab?
A picture is worth 1000 words, here are 8 snaps:
Log file:
Sep 25 21:25:01 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.60.0/24[0] 172.25.20.0/24[0] proto=any dir=in
Sep 25 21:25:01 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.0/24[0] 172.25.60.0/24[0] proto=any dir=out
Sep 25 21:25:01 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.0/24[0] 172.25.20.1/32[0] proto=any dir=in
Sep 25 21:25:01 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy already exists. anyway replace it: 172.25.20.1/32[0] 172.25.20.0/24[0] proto=any dir=out
Sep 25 21:25:01 racoon: INFO: unsupported PF_KEY message REGISTER
Sep 25 21:25:01 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): UDP_ENCAP Invalid argument
Sep 25 21:25:01 racoon: [Self]: INFO: x.x.x.x[500] used as isakmp port (fd=15)
Sep 25 21:25:01 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP): UDP_ENCAP Invalid argument
Sep 25 21:25:01 racoon: [Self]: INFO: x.x.x.x[4500] used as isakmp port (fd=14)
Sep 25 21:25:01 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Sep 25 21:25:01 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
Sep 25 21:25:01 racoon: INFO: @(#)ipsec-tools 0.7.2 (http://ipsec-tools.sourceforge.net)Now I just reboot both locations and still no luck ??? ???
-
it just started working!!!!!!!!! i didnt change a thing, people can use my screens if they need help setting up ipsec with pfsense and a linksys BEFVP41