Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC Mobile Configuration using Shrewsoft

    Scheduled Pinned Locked Moved IPsec
    6 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sic08869
      last edited by

      I recently upgraded a device from 2.1.5 to 2.2 and had to roll back due to mobile connection issues. After rolling back I went to another device that does not require vpn connectivity and upgraded that device.  Using https://doc.pfsense.org/index.php/IPsec_for_road_warriors_in_PfSense_2.0.1_with_PSK_in_stead_of_xauth for my configuration I was not able to successfully establish a connection.  I have read every post related to the topic and still cannot get a working configuration.

      Could anyone please post screen shots of a working IPSEC Mobile user config? I would be in ever debt! :D

      1 Reply Last reply Reply Quote 0
      • S Offline
        sic08869
        last edited by

        When restarting the ipsec service I get this:

        Feb 19 14:00:56 charon: 00[LIB] loaded plugins: charon unbound aes des blowfish rc2 sha1 sha2 md4 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey ipseckey pem openssl fips-prf gmp xcbc cmac hmac curl attr kernel-pfkey kernel-pfroute resolve socket-default stroke smp updown eap-identity eap-sim eap-aka eap-aka-3gpp2 eap-md5 eap-mschapv2 eap-dynamic eap-radius eap-tls eap-ttls eap-peap xauth-generic xauth-eap whitelist addrblock unity

        Feb 19 14:00:56 charon: 00[LIB] unable to load 6 plugin features (5 due to unmet dependencies)

        I assume thats not normal?

        1 Reply Last reply Reply Quote 0
        • C Offline
          charliem
          last edited by

          @sic08869:

          Feb 19 14:00:56 charon: 00[LIB] unable to load 6 plugin features (5 due to unmet dependencies)
          I assume thats not normal?

          It's standard, and what I've seen since 2.2 alpha.  Of course, it's clear IPSEC in 2.2 has some challenges, but I don't think this is the direct cause of any.

          1 Reply Last reply Reply Quote 0
          • S Offline
            sic08869
            last edited by

            Thank you Charlie, I just dont understand why I am having such issues with migrating to this. I have tried so many combinations to get this right and it just will not authenticate.

            If I dont use xauth, it will not connect at all.

            When using xauth it tells me "authentication error"

            1 Reply Last reply Reply Quote 0
            • C Offline
              charliem
              last edited by

              I don't have a working shrewsoft / pfSense 2.2 configuration to give you, sorry.  Did you read the IPSEC paragraphs of the 2.2 announcement?  There are some work-arounds in there: https://blog.pfsense.org/?p=1546

              There are a number of IPSEC issues being tracked and targeted for fixing in a 2.2.1 release.

              1 Reply Last reply Reply Quote 0
              • S Offline
                sic08869
                last edited by

                Thanks for the link charlie I had not seen that. Will give some of it a go. :D

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.