    2.3.2-RELEASE-p1 (amd64) PSK issues

    IPsec
    • alexort11

      I'm trying to get my firewall updated to latest and greatest, but have come across a problem with my IPsec tunnels. I have narrowed it down from looking at previous bugs and issues, but I still don't have a fix.

      The problem I see is this:

      My Identifier: distinguished name : hq.myhq.com
      Peer Identifier: user distinguished name: Example_01@example.site.net

      Inside my ipsec.secrets, entries are formatted like this:

      %any Example_01@example.site.net : PSK "encrypted PSK"
      example1.site.net : PSK "encrypted PSK"=
      

      If I delete the %any, the connections work no problem.

      Of course any time the config changes it would break.

      Also, when I create a mobile IPsec connection for my iOS devices, there is no leading %any.

      Why is it inserting the %any when there is a specific identifier listed?

      • alexort11

        Any ideas? Prior to the update, racoon didn't lead with the %any in the PSK file.
