IPsec tunnel between 2.03 and Cisco, broken after upgrade to 2.1
-
Hello,
I had a working IPsec tunnel set up between my pfSense 2.03 and a Cisco device, but this morning after the upgrade to 2.1 I get this error and the tunnel stays down:
ERROR: exchange Identity Protection not allowed in any applicable rmconf.
Any suggestions? Thx.
-
Seen this once, I had to delete the tunnel and re-create it with the same settings. Probably some entry in the Racoon config, but was just easier to rebuild it. If you have a really complicated tunnel you can review the config file.
-
I've seen similar errors when there is a mismatch on negotiation mode (aggressive and main). Check your settings and, if everything is correct on both sides, try rwalker's suggestion and recreate the tunnel.
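-
Added example, not part of the original posts: "Identity Protection" is the ISAKMP name for IKEv1 main mode, so the error says racoon received a main-mode request and found no applicable remote block whose exchange_mode permits it. The script below reads a racoon.conf on stdin and checks each remote block's exchange_mode against the mode named in the log line; the function names, sample config and addresses are constructed for illustration.

```shell
# Added example; sample config and addresses are constructed.
# Map the exchange name in a racoon log line to the exchange_mode keyword.
exchange_keyword() {
    case "$1" in
        *"exchange Identity Protection"*) echo main ;;
        *"exchange Aggressive"*)          echo aggressive ;;
        *)                                echo unknown ;;
    esac
}
# stdin: racoon.conf; $1: wanted mode. Prints "<peer> <modes> allowed|DENIED|unset".
check_remotes() {
    awk -v want="$1" '
        /^[ \t]*#/ { next }
        depth == 0 && /^[ \t]*remote[ \t]/ { peer = $2; modes = "" }
        peer != "" && /exchange_mode/ {
            modes = $0
            sub(/.*exchange_mode[ \t]+/, "", modes)
            sub(/;.*/, "", modes)
            gsub(/[ \t]/, "", modes)
        }
        {
            # Count braces so nested proposal blocks do not end the remote block.
            o = gsub(/[{]/, "{"); c = gsub(/[}]/, "}"); depth += o - c
            if (peer != "" && c > 0 && depth == 0) {
                ok = (modes == "") ? "unset" : "DENIED"
                n = split(modes, m, ",")
                for (i = 1; i <= n; i++) if (m[i] == want) ok = "allowed"
                print peer, (modes == "" ? "-" : modes), ok
                peer = ""
            }
        }'
}
# Constructed sample: one peer limited to aggressive, one accepting both.
sample_conf() {
    cat <<'EOF'
remote 198.51.100.7
{
    exchange_mode aggressive;
    proposal
    {
        encryption_algorithm 3des;
    }
}
remote 203.0.113.9 {
    exchange_mode main,aggressive;
}
EOF
}
mode=$(exchange_keyword "ERROR: exchange Identity Protection not allowed in any applicable rmconf.")
sample_conf | check_remotes "$mode"
```

Against a real config, feed the generated racoon.conf on stdin in place of sample_conf; a DENIED line for the Cisco peer points at the main/aggressive mismatch described above.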