IPSEC with IKEv2 and PSK
-
Hi All,
I think I'm blind or do not understand how this is working.
I want to establish a VPN Tunnel between an ASA an my pfsense and I want to use IKEv2. Now I got the configuration data incl. the two (local and remote) Passwords. The ASA is correctly configured and ready to go.
But, when I now want to configure the IPSEC Tunnel on my pfsense, then I miss the field for TWO Passwords. I can only configure one PSK.
I tried both Passwords in the PSK field in the IPSEC configuration, but I got an AUTH_FAIL in the Logs. Then I tried to configure the both Passwords in the Preshared Key with the IP Addresses as Identifier. But again I'm getting AUTH_FAIL in the Logs.
Where do I have to configured the two Passwords is my question!
Many thanks in advance!
Kind Regards,
DrMxxxxx -
As far as I'm aware of, PSK is just ONE password, shared between both sites. There is no such thing as a local and remote password
-
Think it's the mutual psk + xauth authentication option that you have to use for that. Also only IKEv1 i think.
-
The ASA lets you configure a different local and remote PSK with IKEv2, we use the same for both like most everything else does. Configure both the same on the ASA.
-
Hi All,
thanks for the answers. We decided to take IKEv1 … Now it is working. :)
Regards,
M