Netgate Discussion Forum

Encryption domains with Cisco Vpn

  • M
    mdurrani
    last edited by Aug 4, 2016, 4:40 AM

    I created a VPN with pfSense on my side and a Cisco firewall on the other side. Phase 1 is established on both sides; phase 2 is down on my side and Active Idle on the other side.

    The other side told me that traffic has to go through 2 encryption domains, otherwise they cannot allow the VPN (company policy).

    I think that I created the 2 encryption domains in phase 2, but I don't know why it does not work.

    Please help

    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Aug 4, 2016, 4:00 PM

      "Encryption domain" in Cisco-speak is a Phase 2 entry. Something in there must not match their side exactly.

      Set your IPsec logging as shown under https://doc.pfsense.org/index.php/IPsec_Troubleshooting#Common_Errors_.28strongSwan.2C_pfSense_.3E.3D_2.2.x.29 and see what shows up when the Cisco side tries to initiate the tunnel.

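The "must match exactly" check from the answer above, as an added example that is not part of the original thread: it mirrors the peer's Phase 2 entries and reports selector, proposal and PFS differences before you go to the logs. The dict keys (`local`, `remote`, `esp`, `pfs`), the proposal labels and all networks are constructed for illustration; fill them in from your own Phase 2 entries and the values the Cisco administrator reports.

```python
from ipaddress import ip_network

def audit_phase2(ours, theirs):
    """Compare our Phase 2 entries with the peer's; return a list of findings.

    The peer's view is mirrored: its local network is our remote network and
    vice versa. Entry keys are hypothetical names chosen for this example.
    """
    findings = []
    # Index the peer's entries from our point of view: (our local, our remote).
    peer = {(ip_network(t["remote"]), ip_network(t["local"])): t for t in theirs}
    for o in ours:
        key = (ip_network(o["local"]), ip_network(o["remote"]))
        label = f"{key[0]} <-> {key[1]}"
        match = peer.pop(key, None)
        if match is None:
            # An overlapping but unequal selector (wrong mask) is not a match.
            near = [k for k in peer
                    if k[0].overlaps(key[0]) and k[1].overlaps(key[1])]
            hint = f"; peer has {near[0][0]} <-> {near[0][1]}" if near else ""
            findings.append(f"{label}: no exact selector match on peer{hint}")
            continue
        for field in ("esp", "pfs"):
            if o[field] != match[field]:
                findings.append(
                    f"{label}: {field} {o[field]!r} != peer {match[field]!r}")
    # Whatever is left exists only in the peer's configuration.
    for k in peer:
        findings.append(f"{k[0]} <-> {k[1]}: defined on peer only")
    return findings

# Constructed sample: two "encryption domains", the second with a mask mismatch.
OURS = [
    {"local": "192.168.10.0/24", "remote": "10.50.1.0/24",
     "esp": "aes256-sha256", "pfs": "modp2048"},
    {"local": "192.168.10.0/24", "remote": "10.50.2.0/24",
     "esp": "aes256-sha256", "pfs": "modp2048"},
]
THEIRS = [
    {"local": "10.50.1.0/24", "remote": "192.168.10.0/24",
     "esp": "aes256-sha256", "pfs": "modp2048"},
    {"local": "10.50.2.0/23", "remote": "192.168.10.0/24",
     "esp": "aes256-sha256", "pfs": "modp2048"},
]

if __name__ == "__main__":
    for line in audit_phase2(OURS, THEIRS):
        print(line)
```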