Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IP Sec not starting on connection

    Scheduled Pinned Locked Moved IPsec
    1 Posts 1 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      edge123
      last edited by

      I cant seem to get 1 of my 2 vpn tunnels up and running no matter what i do, it looks like its not even trying to start it.

      I have tried running this tunnel by itself and it it also didn't work.  From what i can tell and see, its never trying to connect to the remote ip at all and i am at a loss of what to even try

      the odd part is i got it to go up once, but I have no idea what i did…

      anyway here is the config file, let me know i you can even thing of anything.

      
      path pre_shared_key "/var/etc/psk.txt";
      
      path certificate  "/var/etc";
      
      listen
      {
              adminsock "/var/run/racoon.sock" "root" "wheel" 0660;
              isakmp 76.11.xxx.xxx [500];
              isakmp_natt 76.11.xxx.xxx [4500];
      }
      
      remote 24.36.xxx.xxx
      {
              ph1id 2;
              exchange_mode main;
              my_identifier address 76.11.xxx.xxx;
              peers_identifier address 24.36.xxx.xxx;
              ike_frag on;
              generate_policy = off;
              initial_contact = on;
              nat_traversal = off;
      
              dpd_delay = 10;
              dpd_maxfail = 5;
              support_proxy on;
              proposal_check claim;
      
              proposal
              {
                      authentication_method pre_shared_key;
                      encryption_algorithm aes 256;
                      hash_algorithm sha1;
                      dh_group 5;
                      lifetime time 28800 secs;
              }
      }
      
      remote 204.174.xxx.xxx
      {
              ph1id 1;
              exchange_mode main;
              my_identifier address 76.11.xxx.xxx;
              peers_identifier address 204.174.xxx.xxx;
              ike_frag on;
              generate_policy = off;
              initial_contact = on;
              nat_traversal = on;
      
              dpd_delay = 10;
              dpd_maxfail = 5;
              support_proxy on;
              proposal_check claim;
      
              proposal
              {
                      authentication_method pre_shared_key;
                      encryption_algorithm aes 256;
                      hash_algorithm sha1;
                      dh_group 5;
                      lifetime time 28800 secs;
              }
      }
      
      sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
      {
              remoteid 2;
              encryption_algorithm aes 128;
              authentication_algorithm hmac_sha1;
      
              lifetime time 3600 secs;
              compression_algorithm deflate;
      }
      
      sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
      {
              remoteid 1;
              encryption_algorithm aes 128;
              authentication_algorithm hmac_sha1;
      
              lifetime time 3600 secs;
              compression_algorithm deflate;
      }
              support_proxy on;
              proposal_check claim;
      
              proposal
              {
                      authentication_method pre_shared_key;
                      encryption_algorithm aes 256;
                      hash_algorithm sha1;
                      dh_group 5;
                      lifetime time 28800 secs;
              }
      }
      
      sainfo address 76.11.xxx.xxx any address 24.36.xxx.xxx any
      {
              remoteid 2;
              encryption_algorithm aes 128;
              authentication_algorithm hmac_sha1;
      
              lifetime time 3600 secs;
              compression_algorithm deflate;
      }
      
      sainfo address 76.11.xxx.xxx any address 204.174.xxx.xxx any
      {
              remoteid 1;
              encryption_algorithm aes 128;
              authentication_algorithm hmac_sha1;
      
              lifetime time 3600 secs;
              compression_algorithm deflate;
      }
      
      
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.