exchange Identity Protection not allowed in any applicable rmconf
-
I am receiving this error on my VPN connection. I am kinda new to pfsense so if you ask for logs tell me how to find them. I can tell you the setup I have matched between a sonicwall firewall and 2.0 pfsense as close as I possible can. Here is my log if anyone has any ideas.
Jun 21 22:41:04 racoon: INFO: @(#)ipsec-tools 0.8.0 (http://ipsec-tools.sourceforge.net)
Jun 21 22:41:04 racoon: INFO: @(#)This product linked OpenSSL 0.9.8n 24 Mar 2010 (http://www.openssl.org/)
Jun 21 22:41:04 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[4500] used for NAT-T
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[4500] used as isakmp port (fd=17)
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[500] used for NAT-T
Jun 21 22:41:04 racoon: [Self]: INFO: bbb.bbb.bbb.bbb[500] used as isakmp port (fd=18)
Jun 21 22:41:04 racoon: INFO: unsupported PF_KEY message REGISTER
Jun 21 22:41:22 racoon: [Work]: [aaa.aaa.aaa.aaa] ERROR: exchange Identity Protection not allowed in any applicable rmconf.
Jun 21 22:41:30 racoon: [Work]: aaa.aaa.aaa.aaa] ERROR: exchange Identity Protection not allowed in any applicable rmconf.The last entry
ERROR: exchange Identity Protection not allowed in any applicable rmconf.
Will scroll forever if I leave it alone
I admin both sides of the VPN so if anyone has any ideas I would love to try. I googled this error and got 4 results that didnt help so I posted here.
-
IIRC that's a mismatch in Main/Aggressive mode between the two ends.
-
YAAA you fixed me! Thanks a bunch!
