Pfsense with fritzbox ipsec client



  • As the title says..
    FRITZ!OS: 07.13 (latest)
    pfsense 2.4.5p1
    I have googled various recent resources and it is supposed to work
    e.g. https://mlohr.com/fritzbox-lan-2-lan-vpn-with-pfsense/

    It fails at: found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode

    The client is behind cgn, however I thing that's irrelevant at the moment.

    Any pointers more than welcome

    Relevant logs follow

    Sep 26 10:39:25 charon 07[ENC] <8044> generating INFORMATIONAL_V1 request 255170443 [ N(AUTH_FAILED) ]
    Sep 26 10:39:25 charon 07[IKE] <8044> activating INFORMATIONAL task
    Sep 26 10:39:25 charon 07[IKE] activating INFORMATIONAL task
    Sep 26 10:39:25 charon 07[IKE] <8044> activating new tasks
    Sep 26 10:39:25 charon 07[IKE] activating new tasks
    Sep 26 10:39:25 charon 07[IKE] <8044> queueing INFORMATIONAL task
    Sep 26 10:39:25 charon 07[IKE] queueing INFORMATIONAL task
    Sep 26 10:39:25 charon 07[IKE] <8044> found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode
    Sep 26 10:39:25 charon 07[IKE] found 1 matching config, but none allows pre-shared key authentication using Aggressive Mode
    Sep 26 10:39:25 charon 07[CFG] <8044> candidate "bypasslan", match: 1/1/24 (me/other/ike)
    Sep 26 10:39:25 charon 07[CFG] <8044> looking for pre-shared key peer configs matching 5.54.225.230...146.0.189.105[146.0.189.105]
    Sep 26 10:39:25 charon 07[CFG] <8044> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1024
    Sep 26 10:39:25 charon 07[CFG] <8044> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1024


Log in to reply