4. Can i use an Mail (FQUN) Identifier with password?

Can i use an Mail (FQUN) Identifier with password?

  • K

    Hello,

    we want to create a IPSec VPN with IKEv2 and we for the identifier a Mail (FQUN) entry.
    How can i create such a identifier in PFSense?
    We use at the moment pfsense 2.3.2

    Thanks.
    Greetings

    0
  • Rebel Alliance Developer Netgate

    Set the identifier to User distinguished name and then put the address in the box that shows up.

    0
  • K

    Thanks jiimp.

    There is just another problem with this Identifier.
    We have one pfsense on our headquarter and a lancom vpn router on the other site.
    On the lancom router i configure IKEv2 with Mail identifier and also a PSK for the local site and the remote site (like the my identifier and peer identifier on the pfsense).
    But on the pfsense i can not set a password for these identifiers.

    Am I right assuming that i have the set these passwords in the Pre Shared Key Tab in the IPSec configuration page?
    So i set the identifier in the phase1 to User distinguished and my values. Then i create the same PSK in the "Pre Shared Keys Tab" with the Password i set in the lancom.

    0
  • Rebel Alliance Developer Netgate

    You can try that but if it expects an actual IKEv2 EAP password that isn't going to work. pfSense does not have a way to setup IPsec EAP auth for site-to-site tunnels or outgoing IPsec connections.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy