Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense with fritzbox ipsec client

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 198 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      netblues
      last edited by

      As the title says..
      FRITZ!OS: 07.13 (latest)
      pfsense 2.4.5p1
      I have googled various recent resources and it is supposed to work
      e.g. https://mlohr.com/fritzbox-lan-2-lan-vpn-with-pfsense/

      It fails at: found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode

      The client is behind cgn, however I thing that's irrelevant at the moment.

      Any pointers more than welcome

      Relevant logs follow

      Sep 26 10:39:25 charon 07[ENC] <8044> generating INFORMATIONAL_V1 request 255170443 [ N(AUTH_FAILED) ]
      Sep 26 10:39:25 charon 07[IKE] <8044> activating INFORMATIONAL task
      Sep 26 10:39:25 charon 07[IKE] activating INFORMATIONAL task
      Sep 26 10:39:25 charon 07[IKE] <8044> activating new tasks
      Sep 26 10:39:25 charon 07[IKE] activating new tasks
      Sep 26 10:39:25 charon 07[IKE] <8044> queueing INFORMATIONAL task
      Sep 26 10:39:25 charon 07[IKE] queueing INFORMATIONAL task
      Sep 26 10:39:25 charon 07[IKE] <8044> found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode
      Sep 26 10:39:25 charon 07[IKE] found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode
      Sep 26 10:39:25 charon 07[CFG] <8044> candidate "bypasslan", match: 1/1/24 (me/other/ike)
      Sep 26 10:39:25 charon 07[CFG] <8044> looking for pre-shared key peer configs matching 5.54.225.230...146.0.189.105[146.0.189.105]
      Sep 26 10:39:25 charon 07[CFG] <8044> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1024
      Sep 26 10:39:25 charon 07[CFG] <8044> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1024

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.