Having Trouble getting ipsec to work



  • heres the error log from pfsense 1.2.3  trying to get ipsec vpn tunnel between 2 pf boxes

    Mar 11 11:49:55 racoon: INFO: begin Aggressive mode.
    Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: initiate new phase 1 negotiation: 192.168.0.2[500]<=>xx.xx.xx.xx[500]
    Mar 11 11:49:55 racoon: [xxxxxxxxxxxx]: INFO: IPsec-SA request for xx.xx.xx.xx queued due to no phase1 found.
    Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.3.3[500] used as isakmp port (fd=15)
    Mar 11 11:49:34 racoon: [Self]: INFO: 192.168.0.2[500] used as isakmp port (fd=14)
    Mar 11 11:49:34 racoon: [Self]: INFO: 127.0.0.1[500] used as isakmp port (fd=13)
    Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER
    Mar 11 11:49:34 racoon: INFO: unsupported PF_KEY message REGISTER



  • It looks like a mismatched phase 2 key. The error logging does not always provide definitive answers though. If you provide your config, you will more likely get a better response.


Log in to reply