Having Trouble getting ipsec to work
-
heres the error log from pfsense 1.2.3 trying to get ipsec vpn tunnel between 2 pf boxes
Mar 11 11:49:55 racoon: INFO: begin Aggressive mode.
Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: initiate new phase 1 negotiation: 192.168.0.2[500]<=>xx.xx.xx.xx[500]
Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: IPsec-SA request for xx.xx.xx.xx queued due to no phase1 found.
Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.3.3[500] used as isakmp port (fd=15)
Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.0.2[500] used as isakmp port (fd=14)
Mar 11 11:49:34 racoon: [Self]: INFO: 127.0.0.1[500] used as isakmp port (fd=13)
Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER
Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER
-
It looks like a mismatched phase 2 key. The error logging does not always provide definitive answers though. If you provide your config, you will more likely get a better response.