Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IKEv1 Xauth could not connect a windows box

    Scheduled Pinned Locked Moved IPsec
    7 Posts 2 Posters 802 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • perikoP
      periko
      last edited by

      Hi people.

      I trying to setup ipsec using this part of the book:

      IKEv1 Xauth

      I could finally connect 2 smartphones android, good.

      This is my config:

      ipsec-conf.png

      Latter I try to connect a windows 7/10 using the software:

      www.shrew.net

      But no luck, I had try different settings, lower values, the client say is connected but could transmit nothing.

      This is part of my logs.

      ipsec-1.png

      ipsec-2.png

      ipsec-3.png

      ipsec-4.png

      Now once I get connection with the vpn, I lost my access to internet but could even access the lan behind the pfsense-ipsec server.

      Any help I will appreciated, running latest pfsense version 2.4.4_p3 😀

      Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
      www.bajaopensolutions.com
      https://www.facebook.com/BajaOpenSolutions
      Quieres aprender PfSense, visita mi canal de youtube:
      https://www.youtube.com/c/PedroMorenoBOS

      1 Reply Last reply Reply Quote 0
      • viktor_gV
        viktor_g Netgate
        last edited by

        Please show Firewall rules of IPsec tab

        perikoP 1 Reply Last reply Reply Quote 0
        • perikoP
          periko @viktor_g
          last edited by

          @viktor_g here it goes.

          ipsec-5.png

          Thanks.

          NOTE: my smartphones can see the local network.

          Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
          www.bajaopensolutions.com
          https://www.facebook.com/BajaOpenSolutions
          Quieres aprender PfSense, visita mi canal de youtube:
          https://www.youtube.com/c/PedroMorenoBOS

          viktor_gV 1 Reply Last reply Reply Quote 0
          • viktor_gV
            viktor_g Netgate @periko
            last edited by

            @periko Try to change it to any/any and check
            like this:
            Screenshot from 2019-09-19 23-04-47.png

            perikoP 1 Reply Last reply Reply Quote 0
            • perikoP
              periko @viktor_g
              last edited by

              @viktor_g I had try that rule, but same behavior, can be software?

              Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
              www.bajaopensolutions.com
              https://www.facebook.com/BajaOpenSolutions
              Quieres aprender PfSense, visita mi canal de youtube:
              https://www.youtube.com/c/PedroMorenoBOS

              1 Reply Last reply Reply Quote 0
              • perikoP
                periko
                last edited by

                This is my mobile phone...

                ipsec-6.png

                Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
                www.bajaopensolutions.com
                https://www.facebook.com/BajaOpenSolutions
                Quieres aprender PfSense, visita mi canal de youtube:
                https://www.youtube.com/c/PedroMorenoBOS

                1 Reply Last reply Reply Quote 0
                • viktor_gV
                  viktor_g Netgate
                  last edited by

                  It seems that your IPsec network addresses not NATed to WAN interface IP
                  You need to create appropriate NAT rules

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.