4. IP Sec not starting on connection

IP Sec not starting on connection

  • E

    I cant seem to get 1 of my 2 vpn tunnels up and running no matter what i do, it looks like its not even trying to start it.

    I have tried running this tunnel by itself and it it also didn't work.  From what i can tell and see, its never trying to connect to the remote ip at all and i am at a loss of what to even try

    the odd part is i got it to go up once, but I have no idea what i did…

    anyway here is the config file, let me know i you can even thing of anything.

    
path pre_shared_key "/var/etc/psk.txt";

path certificate  "/var/etc";

listen
{
        adminsock "/var/run/racoon.sock" "root" "wheel" 0660;
        isakmp 76.11.xxx.xxx [500];
        isakmp_natt 76.11.xxx.xxx [4500];
}

remote 24.36.xxx.xxx
{
        ph1id 2;
        exchange_mode main;
        my_identifier address 76.11.xxx.xxx;
        peers_identifier address 24.36.xxx.xxx;
        ike_frag on;
        generate_policy = off;
        initial_contact = on;
        nat_traversal = off;

        dpd_delay = 10;
        dpd_maxfail = 5;
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

remote 204.174.xxx.xxx
{
        ph1id 1;
        exchange_mode main;
        my_identifier address 76.11.xxx.xxx;
        peers_identifier address 204.174.xxx.xxx;
        ike_frag on;
        generate_policy = off;
        initial_contact = on;
        nat_traversal = on;

        dpd_delay = 10;
        dpd_maxfail = 5;
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
{
        remoteid 2;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}

sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
{
        remoteid 1;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}
        support_proxy on;
        proposal_check claim;

        proposal
        {
                authentication_method pre_shared_key;
                encryption_algorithm aes 256;
                hash_algorithm sha1;
                dh_group 5;
                lifetime time 28800 secs;
        }
}

sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
{
        remoteid 2;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}

sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
{
        remoteid 1;
        encryption_algorithm aes 128;
        authentication_algorithm hmac_sha1;

        lifetime time 3600 secs;
        compression_algorithm deflate;
}
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy