LAN TO LAN IPSEC WITH RSA (NOT PRESHARED-KEY)



  • hEY GUYS

    I AM USING PFSENSE 2.0 RC3 WITH IPSEC TUNNELS. IT'S WORK VERY GOOD BUT I WANT TO INCREASE MY SECURITY LEVEL USING STANDARD X.509 FOR PHASE ONE.
    MY SCENARIO:

    draytek 2710 <–-----> internet <-------->pfsense 2.0

    I FOLLOWED THIS GUIDE http://doc.pfsense.org/index.php/IPsec_RSA_Authentication_Quick_Start BUT I THINK IT'S FOR 1.2 VERSION. THERE ARE DIFFERENT FIELDS IN IPSEC CONFIGURATION (EX. PEER CERTIFICATE)
    HAVE YOU A GUIDE FOR VERSION 2.0 ?
    NOW I OBTAIN THIS WARNING:
    : WARNING: unable to get certificate CRL(3) at depth:1 SubjectName:/C=IT/ST=BOLOGNA/L=BOLOGNA/O=xxx/OU=yyyy/CN=CA AUTORITY ccc/emailAddress=XXXXXXX

    CAN YOU HELP ME ?
    Thank you!!
    Stefano


Locked