ipsec cant conncet



  • why cant conncet ipsec ```
    ===group
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> sending XAuth vendor ID
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> sending DPD vendor ID
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> sending FRAGMENTATION vendor ID
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> sending NAT-T (RFC 3947) vendor ID
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> sending draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> initiating Main Mode IKE_SA con1000[30] to 88.88.88.88
    Sep 30 15:19:21 charon 15[IKE] <con1000|30> IKE_SA con1000[30] state change: CREATED => CONNECTING
    Sep 30 15:19:21 charon 15[CFG] <con1000|30> configured proposals: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
    Sep 30 15:19:21 charon 15[ENC] <con1000|30> generating ID_PROT request 0 [ SA V V V V V ]
    Sep 30 15:19:21 charon 15[NET] <con1000|30> sending packet: from 77.77.77.77[500] to 88.88.88.88[500] (180 bytes)
    Sep 30 15:19:21 charon 08[CFG] vici client 1673 connected
    Sep 30 15:19:21 charon 15[CFG] vici client 1673 registered for: list-sa
    Sep 30 15:19:21 charon 08[CFG] vici client 1673 requests: list-sas
    Sep 30 15:19:21 charon 06[CFG] vici client 1673 disconnected
    Sep 30 15:19:25 charon 06[IKE] <con1000|30> sending retransmit 1 of request message ID 0, seq 1
    Sep 30 15:19:25 charon 06[NET] <con1000|30> sending packet: from 77.77.77.77[500] to 88.88.88.88[500] (180 bytes)
    Sep 30 15:19:26 charon 15[CFG] vici client 1674 connected
    Sep 30 15:19:26 charon 06[CFG] vici client 1674 registered for: list-sa
    Sep 30 15:19:26 charon 06[CFG] vici client 1674 requests: list-sas
    Sep 30 15:19:26 charon 13[CFG] vici client 1674 disconnected
    Sep 30 15:19:31 charon 15[CFG] vici client 1675 connected
    Sep 30 15:19:31 charon 15[CFG] vici client 1675 registered for: list-sa
    Sep 30 15:19:31 charon 15[CFG] vici client 1675 requests: list-sas
    Sep 30 15:19:31 charon 15[CFG] vici client 1675 disconnected
    Sep 30 15:19:32 charon 13[IKE] <con1000|30> sending retransmit 2 of request message ID 0, seq 1
    Sep 30 15:19:32 charon 13[NET] <con1000|30> sending packet: from 77.77.77.77[500] to 88.88.88.88[500] (180 bytes)
    Sep 30 15:19:35 charon 11[CFG] vici client 1676 connected
    Sep 30 15:19:35 charon 11[CFG] vici client 1676 registered for: list-sa
    Sep 30 15:19:35 charon 13[CFG] vici client 1676 requests: list-sas
    Sep 30 15:19:35 charon 11[CFG] vici client 1676 disconnected
    Sep 30 15:19:36 charon 11[JOB] <29> deleting half open IKE_SA with 78.38.103.44 after timeout
    Sep 30 15:19:36 charon 11[IKE] <29> IKE_SA (unnamed)[29] state change: CONNECTING => DESTROYING
    Sep 30 15:19:38 charon 09[CFG] vici client 1677 connected
    Sep 30 15:19:38 charon 09[CFG] vici client 1677 registered for: list-sa
    Sep 30 15:19:38 charon 11[CFG] vici client 1677 requests: list-sas
    Sep 30 15:19:38 charon 09[CFG] vici client 1677 disconnected
    Sep 30 15:19:39 charon 12[CFG] vici client 1678 connected
    Sep 30 15:19:39 charon 12[CFG] vici client 1678 registered for: list-sa
    Sep 30 15:19:39 charon 12[CFG] vici client 1678 requests: list-sas
    Sep 30 15:19:39 charon 11[CFG] vici client 1678 disconnected
    Sep 30 15:19:43 charon 14[CFG] vici client 1679 connected
    Sep 30 15:19:43 charon 14[CFG] vici client 1679 registered for: list-sa
    Sep 30 15:19:43 charon 12[CFG] vici client 1679 requests: list-sas
    Sep 30 15:19:43 charon 14[CFG] vici client 1679 disconnected
    Sep 30 15:19:45 charon 12[IKE] <con1000|30> sending retransmit 3 of request message ID 0, seq 1
    Sep 30 15:19:45 charon 12[NET] <con1000|30> sending packet: from 77.77.77.77[500] to 88.88.88.88[500] (180 bytes)
    Sep 30 15:19:45 charon 05[CFG] vici client 1680 connected
    Sep 30 15:19:45 charon 05[CFG] vici client 1680 registered for: list-sa
    Sep 30 15:19:45 charon 12[CFG] vici client 1680 requests: list-sas
    Sep 30 15:19:45 charon 12[CFG] vici client 1680 disconnected

    
    i use this tutrial [link text](https://www.ceos3c.com/pfsense/pfsense-site-to-site-vpn/)


  • @hamed_forum

    Hey
    Host 88.88.88.88 does not respond to a sent packet
    You need to check the settings on the other side of the tunnel.


Log in to reply