IPsec such policy does not already exist

ameno_123 · Dec 18, 2009, 9:05 PM

Hi,
I have this erreur in my log :

racoon: ERROR: such policy does not already exist: "192.168.0.0/24[0] 192.168.1.10/32[0] proto=any dir=out"
racoon: ERROR: such policy does not already exist: "192.168.1.10/32[0] 192.168.0.0/24[0] proto=any dir=in"

My lan office : 192.168.0.0
Pfsense IP : 192.168.0.1
My IP home : 192.168.1.10

I want connect to my office with IPsec.
I ping Pfsense, i dont ping my server office : 192.168.0.100

firewall log :
block in on enc0: 192.168.1.10 > 192.168.0.100: ICMP echo request, id 1, seq 1599, length 40
4. 996311 rule 74/0(match): block in on enc0: 192.168.1.10 > 192.168.0.100: ICMP echo request, id 1, seq 1600, length 40
4. 995961 rule 74/0(match): block in on enc0: 192.168.1.10 > 192.168.0.100: ICMP echo request, id 1, seq 1601, length 40

what is the solution!?

nb: excuse my bad english (:

jimp · Dec 19, 2009, 12:19 AM

That error is normal, especially if your tunnels are using main mode.

It looks like you need to add firewall rules on the IPsec tab under Firewall > Rules. If you want to allow everything add a rule to allow all protocols from any to any. Be sure you set the protocol to "any" because it defaults to TCP.

ameno_123 · Dec 19, 2009, 1:39 AM

:) work fine.. tnks
I ping only ip dhcp on remote network, and i dont ping de fixed ip…