4. Can i use an Mail (FQUN) Identifier with password?

Can i use an Mail (FQUN) Identifier with password?

  • K

    Hello,

    we want to create a IPSec VPN with IKEv2 and we for the identifier a Mail (FQUN) entry.
    How can i create such a identifier in PFSense?
    We use at the moment pfsense 2.3.2

    Thanks.
    Greetings

    0
  • Rebel Alliance Developer Netgate

    Set the identifier to User distinguished name and then put the address in the box that shows up.

    0
  • K

    Thanks jiimp.

    There is just another problem with this Identifier.
    We have one pfsense on our headquarter and a lancom vpn router on the other site.
    On the lancom router i configure IKEv2 with Mail identifier and also a PSK for the local site and the remote site (like the my identifier and peer identifier on the pfsense).
    But on the pfsense i can not set a password for these identifiers.

    Am I right assuming that i have the set these passwords in the Pre Shared Key Tab in the IPSec configuration page?
    So i set the identifier in the phase1 to User distinguished and my values. Then i create the same PSK in the "Pre Shared Keys Tab" with the Password i set in the lancom.

    0
  • Rebel Alliance Developer Netgate

    You can try that but if it expects an actual IKEv2 EAP password that isn't going to work. pfSense does not have a way to setup IPsec EAP auth for site-to-site tunnels or outgoing IPsec connections.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy