Netgate Discussion Forum

    Site2Site IPsec between 2 pfSense not working

    • LukasN

      Hey there,

      I've been struggling with my IPsec connection all day long.
      As far as I can tell, Phase 1 can't even be established.
      So far I've read the troubleshooting and some forum posts. But nothing worked.
      I even tried to set the Peer/Local-ID to a DN, didn't work.

      Every pfSense has got its own dedicated public IP.
      The LANs "inside" each pfSense are working just fine.

      Site A and Site B are configured the exact same way, except for the Remote IPs.

      Site A log:

      d81728e7-59ea-45eb-ba6e-9693a7f197e7-grafik.png

      Site B log:
      19e23cc0-fdab-4065-9e0a-77ad0d17448b-grafik.png

      Site A Phase 1 config:
      c53b3cf7-d1c7-4607-b14e-b80f02226105-grafik.png

      Site B Phase 1 config:
      ca814373-8dbb-4591-9a38-d1061c02c701-grafik.png
      d8d524d0-2ab6-4c09-aa6e-ae6cccc1768d-grafik.png
      7c6ff013-78f8-4cb2-ae16-105949e25618-grafik.png

      I have no idea anymore why the log says AUTH_FAILED.

      Thanks ahead for any help.

      • LukasN

        I just posted it because maybe it will help someone else in the future.
        My problem was my PSK.
        MAC stands for Message Authentication Code. Essentially means you messed up your PSKs.

        This helped me

        I don't see any way to mark this as solved.
        So consider this as solved with this comment.

        • kevindd992002 @LukasN

          @lukasn said in Site2Site IPsec between 2 pfSense not working:

          I just posted it because maybe it will help someone else in the future.
          My problem was my PSK.
          MAC stands for Message Authentication Code. Essentially means you messed up your PSKs.

          This helped me

          I don't see any way to mark this as solved.
          So consider this as solved with this comment.

          So you did not have the same PSK on both sides or something?

          • LukasN @kevindd992002

            @kevindd992002
            Yes, exactly.
            I was 100% sure that I got it correct on both sides, but well... wasn't the case here.

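Why a PSK that differs by one invisible character ends in a MAC mismatch, as an added example that is not part of the original thread. It assumes IKEv2 PSK authentication as defined in RFC 7296 section 2.15 with HMAC-SHA-256 as the PRF (the thread does not show what was negotiated); the PSKs, the signed-octets stand-in and the helper names are constructed for illustration.

```python
import hashlib
import hmac

KEY_PAD = b"Key Pad for IKEv2"  # fixed string from RFC 7296, section 2.15


def prf(key: bytes, data: bytes) -> bytes:
    """PRF_HMAC_SHA2_256; which PRF the tunnel negotiated is an assumption."""
    return hmac.new(key, data, hashlib.sha256).digest()


def psk_auth(psk: bytes, signed_octets: bytes) -> bytes:
    """AUTH = prf(prf(Shared Secret, "Key Pad for IKEv2"), <SignedOctets>)."""
    return prf(prf(psk, KEY_PAD), signed_octets)


def peer_accepts(local_psk: bytes, remote_psk: bytes, signed_octets: bytes) -> bool:
    """The sender computes AUTH with its PSK; the receiver recomputes with its own."""
    sent = psk_auth(remote_psk, signed_octets)
    expected = psk_auth(local_psk, signed_octets)
    return hmac.compare_digest(sent, expected)


def describe_difference(a: str, b: str) -> str:
    """Name the kind of mismatch without printing either secret."""
    if a == b:
        return "identical"
    if a.strip() == b.strip():
        return "leading/trailing whitespace"
    if a.lower() == b.lower():
        return "letter case"
    if len(a) != len(b):
        return "different length"
    return "different characters"


# Constructed sample values, not taken from the thread.
SIGNED_OCTETS = b"constructed-stand-in-for-InitiatorSignedOctets"
SITE_A_PSK = "Examp1e-Pre-Shared-Key"
SITE_B_PSK = "Examp1e-Pre-Shared-Key "  # pasted with a trailing space

if __name__ == "__main__":
    for a, b in [(SITE_A_PSK, SITE_A_PSK), (SITE_A_PSK, SITE_B_PSK)]:
        ok = peer_accepts(a.encode(), b.encode(), SIGNED_OCTETS)
        print("accepted" if ok else "AUTH failed:", describe_difference(a, b))
```

Running `describe_difference` locally on the two configured values narrows down the cause without sending either PSK to the other site in clear text.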