Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IP Sec not starting on connection

    IPsec
    1
    1
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      edge123
      last edited by

      I cant seem to get 1 of my 2 vpn tunnels up and running no matter what i do, it looks like its not even trying to start it.

      I have tried running this tunnel by itself and it it also didn't work.  From what i can tell and see, its never trying to connect to the remote ip at all and i am at a loss of what to even try

      the odd part is i got it to go up once, but I have no idea what i did…

      anyway here is the config file, let me know i you can even thing of anything.

      
path pre_shared_key "/var/etc/psk.txt";

path certificate  "/var/etc";

listen
{
        adminsock "/var/run/racoon.sock" "root" "wheel" 0660;
        isakmp 76.11.xxx.xxx [500];
        isakmp_natt 76.11.xxx.xxx [4500];
}

remote 24.36.xxx.xxx
{
        ph1id 2;
        exchange_mode main;
        my_identifier address 76.11.xxx.xxx;
        peers_identifier address 24.36.xxx.xxx;
        ike_frag on;
        generate_policy = off;
        initial_contact = on;
        nat_traversal = off;

        dpd_delay = 10;
        dpd_maxfail = 5;
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

remote 204.174.xxx.xxx
{
        ph1id 1;
        exchange_mode main;
        my_identifier address 76.11.xxx.xxx;
        peers_identifier address 204.174.xxx.xxx;
        ike_frag on;
        generate_policy = off;
        initial_contact = on;
        nat_traversal = on;

        dpd_delay = 10;
        dpd_maxfail = 5;
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
{
        remoteid 2;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}

sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
{
        remoteid 1;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
{
        remoteid 2;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}

sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
{
        remoteid 1;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.