SafeNet 1141 Issues

  • I have a Watchguard x700 applicance running PfSense 2.0-RELEASE (i386) built on Tue Sep 13 18:02:53 EDT 2011. I'm using the NanoBSD embedded 2GB build. The appliance came with a SafeNet 1141 hardware crypto card installed which is recognized by PfSense. It shows up in the control panel under Hardware Crypto and lists the supported types of encryption (md5, SHA1, AES). Running cryptotest from the shell works and returns expected results. I can create VPN tunnels and they will build (both phase 1 and phase 2) however I can't get any traffic to pass over them. If I simply remove the SafeNet card (without making any config changes), the VPN tunnels work fine. Put the card back in, and the problem is back. I should note that even with the card installed, if I use an encryption type not supported by the card such as Blowfish, that the tunnel builds and works perfectly.

    Does anyone have any thoughts on where I should be looking for the problem? Is there is something simple I am missing?? I'm more than willing to perform any suggested tests or provide additional information if needed.


  • That's been reported by others as well, there's something about that card that doesn't play nicely with stock OSes.

Log in to reply