Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VPN IPSEC Site-to-Site(Tunel não sobe)

    Scheduled Pinned Locked Moved Portuguese
    3 Posts 2 Posters 404 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      PedroBelliato
      last edited by

      Olá galera, boa tarde!

      Estou com dificuldade para fechamento do tunel ente Matriz e Filial.

      Minhas Configurações:

      Matriz:
      Interface Wan: xxx.xxx.xx.58
      Rede lan: 192.168.15.0/24

      Filial:
      Interface Wan: xxx.xxx.xx.65
      Rede lan: 192.168.20.0/24

      Lado Matriz:

      Config da VPN:
      Fase 1
      Protocolo: IKEv1
      Interface: Wan
      Gateway Remoto: xxxx.xxx.xxx.65
      Descrição:VPN-SITE-A

      Metodo de Auten: PSK Mutuo
      Modo d/Negocia: Main
      My Identifier: My IP Address
      Peer Identifier: Peer Ip Address
      Pre-Shered Key: xxxxxxx
      Algoritimo : AES/256
      Hash: Sha256
      DH Group:14(2048)
      Lifetime: 28800

      Fase 2:
      Mode: IPv4
      Local Network: Lan subnet
      Remote Network: 192.168.20.0/24

      Protocol: ESP
      Encryption Alg: AES/256 bits
      Hash: SHA256
      PFS KEY GROUP:14(2048)
      Lifetime:3600

      Lado Filial:
      Config da VPN:
      Fase 1
      Protocolo: IKEv1
      Interface: Wan
      Gateway Remoto: xxxx.xxx.xxx.58
      Descrição:VPN-SITE-A

      Metodo de Auten: PSK Mutuo
      Modo d/Negocia: Main
      My Identifier: My IP Address
      Peer Identifier: Peer Ip Address
      Pre-Shered Key: xxxxxxx
      Algoritimo : AES/256
      Hash: Sha256
      DH Group:14(2048)
      Lifetime: 28800

      Fase 2:
      Mode: IPv4
      Local Network: Lan subnet
      Remote Network: 192.168.15.0/24

      Protocol: ESP
      Encryption Alg: AES/256 bits
      Hash: SHA256
      PFS KEY GROUP:14(2048)
      Lifetime:3600

      Logs:
      Jun 20 12:39:42 charon 11[NET] <con1000|23> sending packet: from 192.168.0.100[4500] to xxx.xxx.xxx..65[4500] (108 bytes)
      Jun 20 12:39:42 charon 11[NET] <con1000|23> received packet: from xxx.xxxx.xxx.65[4500] to 192.168.0.100[4500] (108 bytes)
      Jun 20 12:39:42 charon 11[ENC] <con1000|23> parsed INFORMATIONAL_V1 request 1017745080 [ HASH N(AUTH_FAILED) ]
      Jun 20 12:39:42 charon 11[IKE] <con1000|23> received AUTHENTICATION_FAILED error notify
      Jun 20 12:39:42 charon 11[IKE] <con1000|23> IKE_SA con1000[23] state change: CONNECTING => DESTROYING

      un 20 12:42:25 charon 05[ENC] <con1000|23> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
      Jun 20 12:42:25 charon 05[NET] <con1000|23> sending packet: from 192.168.25.20[4500] to xxx.xxxx.xxx.58[4500] (108 bytes)
      Jun 20 12:42:25 charon 05[NET] <con1000|23> received packet: from xxx.xxx.xxx.58[4500] to 192.168.25.20[4500] (108 bytes)
      Jun 20 12:42:25 charon 05[ENC] <con1000|23> parsed INFORMATIONAL_V1 request 2429608356 [ HASH N(AUTH_FAILED) ]
      Jun 20 12:42:25 charon 05[IKE] <con1000|23> received AUTHENTICATION_FAILED error notify

      e0a4a911-0275-4383-ae6b-773f9f5df201-image.png

      87b10c9d-37ed-494f-9173-979c8f7a4dd3-image.png

      c430d316-32b8-4f6d-a9b6-d16c1d1f7899-image.png

      0c2ba47e-9735-415c-b440-fcc000aeb671-image.png

      c1626027-5838-4d8b-99b6-d1477dcfedba-image.png

      1 Reply Last reply Reply Quote 0
      • P
        pskinfra
        last edited by

        @PedroBelliato said in VPN IPSEC Site-to-Site(Tunel não sobe):

        received AUTHENTICATION_FAILED error notify

        "received AUTHENTICATION_FAILED error notify".

        Amigo, erro na autenticação!

        Abraços

        --
        E-mail: tleite@bsd.com.br
        Whatsapp: (021) 9 6403-5250

        P 1 Reply Last reply Reply Quote 0
        • P
          PedroBelliato @pskinfra
          last edited by

          @pskinfra já validei as configurações estão corretas e a chave compartilhada esta correta em ambos os lados.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.