Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Draytek modem and Netgate Ipsec problem

    IPsec
    2
    2
    144
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tayfun1981 last edited by

      Hello,

      Netgate device in the center we are using has changed from 2.2.x to 2.3.5. The Ipsec (Site to Site Vpn) connection configured between branches could not be connected after the update was made. When I check Pfsense, “PHP ERROR: Type: 1, File: /etc/inc/config.lib.inc, Line: 982, Message: Call to undefined function pfSense_fsync .DES is no longer supported, IPsec phase 2 item 'Ankara Phase 2' is being disabled.” I get a warning. We use Draytek Vigor 2820 and Vigor 2760 modem in branches. What algorithm and settings can I use to connect these devices? Thank you in advance for your help.

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        That's up to what the Draytek supports. DES has been broken for ages, it should never have been in use in a modern environment. If the Draytek supports AES-128 or better, use that. Failing that, at least use 3DES.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post