• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

SecureW2 ipsec eap-tls

Scheduled Pinned Locked Moved IPsec
ipsecikev2
1 Posts 1 Posters 763 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    av87
    last edited by av87 Apr 29, 2022, 2:53 PM Apr 29, 2022, 2:52 PM

    I am trying to use IPSEC Mobile Client EAP TLS with SecureW2 generated certificates. I created a server certificate and imported it in PFsense 22.01 with all the CA certificates. Trying to connect from a Windows 10 client. Server certificated validated, client certificate is checked against the CRL and is fine than then I get the error below. The client is used to authenticate to our wifi so it is valid. I couldn't manage to find what the issue could be. Anybody have any ideas?

    pr 29 17:27:56 charon 74987 14[CFG] <con-mobile|51> certificate status is good
    Apr 29 17:27:56 charon 74987 14[CFG] <con-mobile|51> reached self-signed root ca with a path length of 1
    Apr 29 17:27:56 charon 74987 14[TLS] <con-mobile|51> signature verification with RSA_PSS_RSAE_SHA256 failed
    Apr 29 17:27:56 charon 74987 14[TLS] <con-mobile|51> signature verification failed
    Apr 29 17:27:56 charon 74987 14[TLS] <con-mobile|51> sending fatal TLS alert 'decrypt error'
    Apr 29 17:27:56 charon 74987 14[ENC] <con-mobile|51> generating IKE_AUTH response 9 [ EAP/REQ/TLS ]

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received