IPSEC mobile AUTHENTICATE



  • This post is deleted!


  • Further information :

    I had misunderstood the term "Local Database", I thought it was equal to "pre-shared keys" when it was not at all.

    So I tried to connect with a local user at pfsense and it doesn't work either.

    Only pre-shared key authentication works.

    On the other hand when I try to authenticate in the "Diagnostics --> Authentication" tab it works well for both methods "Local and Radius".

    There is also another notion that I think I misunderstood:

    In the creation of the pfsense certificate I mention in SAN the DNS name of my pfsense "PfsenseMASTER_OVH.lgdd.local" and in IP address "Public WAN IP".

    But I authenticate my VPN clients with the public IP address rather than the DNS name.
    In the P1 configuration of the tunnel, I also mention this IP address in "My login".

    Why do I do this?

    Well for me it is impossible for a client to resolve the DNS name "PfsenseMASTER_OVH.lgdd.local" because it is not known to the internet.
    Whereas the public IP is reachable from the internet.

    I see in all the tutorials that you have to put the DNS name but in my opinion it can't work.

    Can you explain me, if I'm wrong?



  • c62931b1-b5a5-4152-98d7-656347d1867d-image.png

    "Leftauth" c'est bien pour l'authentification en local?

    La valeur pubkey est-elle bonne?


Log in to reply