Problem - pfsense 1.2.2 and openbsd using isakmpd

  • Hi all

    Ok, making a bit of a change here.. i've used openbsd with pf and isakmpd for years now, but looking at pfsense

    Anyhow, little issue,

    I can't get the VPNs to work between the 2 devices.. My rules are wide open at the moment for the point of the test

    on the BSD side, I am getting a giving up message, which is usually due to access / communications. On the pfsense side I am getting a
    Aug 17 12:12:16 racoon: ERROR: couldn't find configuration.

    Anyhow, I can't see how to enable more in depth viewing of what is going on, but I don't see any ipsec attempts at all.

    Please note, my wording below and rules are just listed so it is easy for you to read.. they are not exact, but result in virtually, the same

    Firewall Rules
    Pass quick log from <bsdfw>to <pfsensefw>keep state
    pass quick log from <pfsensefw>to <bsdfw>keep state
    pass quick log on enc0 keep state
    pass quick log from <bsdadmin>to <pfsenseadmin>keep state

    I allow all in and out of the lan interface
    I allow all in and out of the wan interface in reference to the bsdfw

    VPN setup

    settings on BSD

    [Phase 1] peer-pfsenseadmin

    [Phase 2]
    Connections=    vpn-bsdadmin-pfsenseadmin

    Phase=          1
    Transport=      udp
    Configuration=  Default-main-mode
    Authentication= th1s1s4test

    Phase=          2
    ISAKMP-peer=    peer-pfsenseadmin
    Configuration=  Default-quick-mode
    Local-ID=      bsdadmin
    Remote-ID=      pfsenseadmin

    ID-type=        IPV4_ADDR_SUBNET

    ID-type=        IPV4_ADDR_SUBNET

    DOI=                    IPSEC
    Transforms=            3DES-SHA

    DOI=                    IPSEC
    Suites=                QM-ESP-3DES-SHA-SUITE

    Settings on PFSENSE

    interface: wan
    local subnet: lan subnet
    remote subnet:
    remote gateway:

    negotiation mode: main
    my identifier: Not a clue what to use this for??
    Encryption Algorithm: 3des
    Hash algorithm: sha1
    DH key group: 2
    Lifetime: 28800
    Authentication method: Pre-shared key
    Pre-shared Key: th1s1s4test

    protocol: ESP
    encryption algorithms: 3des, blowfish, cast128, AES, AES256
    Hash Algorithms: Sha1
    Lifetime: 3600