Netgate Discussion Forum

Cannot create a tunnel with a gateway

IPsec
3 Posts 2 Posters 2.3k Views
  • C
    Comradin
    last edited by Apr 19, 2007, 1:47 PM

    Hello,

    I just deleted the non-working tunnel config on my roadwarrior router, and now the new config won't accept a remote gateway setting.

    I configured the following settings:

    Interface: WAN
    Local Subnet: LAN Subnet
    Remote Subnet: 192.168.1.0/24
    Remote Gateway: IP.of.my.OPT1 Interface

    Phase1 Settings:
    My Identifier: User FQDN / info@my.domain
    Lifetime: 1200
    Preshared Key: copy+paste from my static configuration

    Phase2 Settings:
    Lifetime: 1200

    And an IP address on my local subnet to ping to.

    I press the save button and what happens? My tunnel setup is created, but the remote gateway information is lost!
    When I look in the system log, in the IPsec logs, I see the following two lines:

    Apr 19 15:33:41 racoon: ERROR: fatal parse failure (1 errors)
    Apr 19 15:33:41 racoon: ERROR: /var/etc/racoon.conf:5: "{" parse error

    Looking at the racoon.conf, it does not look very wrong to me, but OK, I am new to this.

    path pre_shared_key "/var/etc/psk.txt";

    path certificate  "/var/etc";

    remote  {
            exchange_mode aggressive;
            my_identifier user_fqdn "info@my.domain";

            peers_identifier address ;
            initial_contact on;
            support_proxy on;
            proposal_check obey;

            proposal {
                    encryption_algorithm 3des;
                    hash_algorithm sha1;
                    authentication_method pre_shared_key;
                    dh_group 2;
                    lifetime time 1200 secs;
            }
            lifetime time 1200 secs;
    }

    Next try:
    deleted the tunnel, saved,
    disabled IPSec, saved
    enabled IPSec, saved
    created the tunnel, saved

    Result: again, no gateway

    Can I delete the racoon.conf and it will be created from scratch?

    regards,
    Comradin
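
Added example, not part of the original post and not pfSense's own code: line 5 of the quoted file is `remote  {`, and racoon.conf(5) expects a peer address or `anonymous` between `remote` and the brace, which matches the line the parse error names. The check below uses a hypothetical `lint_racoon` helper and a constructed sample to flag peer fields left empty in a generated file, with their line numbers.

```python
import re

# Constructed sample: the start of the racoon.conf quoted in the post above,
# including the empty peer address after "remote" and "peers_identifier address".
SAMPLE = """path pre_shared_key "/var/etc/psk.txt";

path certificate  "/var/etc";

remote  {
        exchange_mode aggressive;
        my_identifier user_fqdn "info@my.domain";

peers_identifier address ;
        initial_contact on;
}
"""

REMOTE = re.compile(r"^\s*remote\b([^{]*)\{")
PEER_ID = re.compile(r"^\s*peers_identifier\s+(\w+)\s*([^;]*);")


def lint_racoon(text):
    """Return (line_number, message) for peer fields left empty.

    Simplifications: '#' always starts a comment, and the opening brace
    sits on the same line as 'remote'.
    """
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0]
        remote = REMOTE.match(line)
        if remote and not remote.group(1).strip():
            # racoon.conf(5): remote (address | anonymous) [[port]] { ... }
            findings.append((number, "remote block has no peer address or 'anonymous'"))
        peer_id = PEER_ID.match(line)
        if peer_id and not peer_id.group(2).strip():
            # Assumption: an empty value means the same field was blank at generation time.
            findings.append((number, "peers_identifier %s has no value" % peer_id.group(1)))
    return findings


if __name__ == "__main__":
    for number, message in lint_racoon(SAMPLE):
        print("racoon.conf:%d: %s" % (number, message))
```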

    • H
      hoba
      last edited by Apr 19, 2007, 2:33 PM

      It won't work that way for roadwarriors. Have a look at http://pfsense.org/mirror.php?section=tutorials/mobile_ipsec/ for how to configure mobile clients.

      • C
        Comradin
        last edited by Apr 20, 2007, 7:00 PM

        Ok,

        now I'm really lost. I did my setup with the help of this tutorial two or three times now, and I do not see any differences between the tutorial and my two machines.

        The only difference is that my static machine has two interfaces, with WAN being the dynamic interface with PPPoE and OPT1 being the static interface, like I wrote in my other thread, where I was told to update my static box to the latest snapshot because of IPsec on OPT1 not being possible.
