Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Having Trouble getting ipsec to work

    IPsec
    2
    2
    1211
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tomklyn last edited by

      heres the error log from pfsense 1.2.3  trying to get ipsec vpn tunnel between 2 pf boxes

      Mar 11 11:49:55 racoon: INFO: begin Aggressive mode.
      Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: initiate new phase 1 negotiation: 192.168.0.2[500]<=>xx.xx.xx.xx[500]
      Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: IPsec-SA request for xx.xx.xx.xx queued due to no phase1 found.
      Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.3.3[500] used as isakmp port (fd=15)
      Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.0.2[500] used as isakmp port (fd=14)
      Mar 11 11:49:34 racoon: [Self]: INFO: 127.0.0.1[500] used as isakmp port (fd=13)
      Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER
      Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER

      1 Reply Last reply Reply Quote 0
      • B
        bkm last edited by

        It looks like a mismatched phase 2 key. The error logging does not always provide definitive answers though. If you provide your config, you will more likely get a better response.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post