Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ikev2 windows inbuilt EAP-RADIUS vpn is not working.

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 439 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nikhilsalunke
      last edited by

      Hello all,

      I have a ikev2 EAP-RADIUS vpn configured for the mobile clients. it works fine with few windows host but didn't work on other host. It gives the error "ike authentication credentials are unacceptable"(error code 13801).I double checked to make sure none of the below is the reason.
      The certificate is expired.
      The trusted root for the certificate is not present on the client.
      The subject name of the certificate does not match the remote computer.
      The certificate does not have the required Enhanced Key Usage (EKU) values assigned.
      from the pfsense logs entry I can see that pfsense firewall sending traffic to the client but not going any further and after timeout deletes the half open IKE_SA with pfsense firewall. Any help ?

      Screenshot 2021-10-20 at 16.34.32.png

      R 1 Reply Last reply Reply Quote 0
      • R
        rolytheflycatcher @nikhilsalunke
        last edited by

        @nikhilsalunke Is it possibly linked to this?

        https://forum.netgate.com/topic/89558/ipsec-pmtu/17?_=1634945881916

        EAP / RADIUS can cause UDP packets that need to be fragmented and relies on PMTUD working.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.