How to config 2 or more dailup IPSec VPN tunnel using Remote gateway IP-0.0.0.0 ? The error is showning " The following input errors were detected: The remote gateway "0.0.0.0" is already used by phase1 "DAILUP-2"."

sandeepvkm

DAILUP TUNNEL ISSUE .JPG

How to config 2 or more dailup IPSec VPN tunnel using Remote gateway IP-0.0.0.0 ? The error is showing
" The following input errors were detected: The remote gateway "0.0.0.0" is already used by phase1 "DAILUP-2"."

Dear team Kindly help us to solve this issue

kiokoman

uhm you need to patch
vpn_ipsec_phase1.php
ikev2 should be able to handle multiple phase1 with the same ip
file is /usr/local/www/vpn_ipsec_phase1.php
if you can test this change line 291 to

if (($ph1tmp['remote-gateway'] == $tremotegw) && !isset($ph1tmp['disabled']) && $pconfig['iketype'] == "ikev1") {

sandeepvkm

WORKING LIKE A CHARM

kiokoman

i didn't notice before but there was already a redmine for this
it seems that they need time to correctly implement this so take in mind that my suggestion can lead to possible misbehavior
the use of dyndns is suggested instead of 0.0.0.0
for reference:
https://redmine.pfsense.org/issues/7410
https://redmine.pfsense.org/issues/9768
https://redmine.pfsense.org/issues/10234

sandeepvkm

@kiokoman Tunnel bases IPsec S2S VPN is working fine. But
Routed(VTI) Based site to site IPSecVPN ping access (tunnel is up but no network traffic) not working when config Dailup VPN (VPN remote gateway IP- 0.0.0.0).
You have any idea about this?

It's will work when i change vpn remote gateway ip from 0.0.0.0 to static(but i have no static ip).

Kindly request you to give solution this problem.

kiokoman

no idea sorry, as jimp mentioned 0.0.0.0 is used for other stuff inside pfsense, you need to wait for the dev to find a better solution or use dyndns