Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IOS 8 Cisco IPSec -> pfSense 2.2 broken

    IPsec
    3
    5
    6533
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Alfi1966 last edited by

      Upgraded to 2.2 today. When testing my VPN from an IOS device I discovered that it is not working anymore.

      This is the message related:

      "found 1 matching config, but none allows XAuthInitPSK authentication using Aggressive Mode"

      I have tried setting phase 1 to 'main' instead of 'agressive' to no avail.

      Any ideas? (user auth. not cert)

      1 Reply Last reply Reply Quote 0
      • R
        razzfazz last edited by

        Works for me, in aggressive mode. What are your other settings?

        1 Reply Last reply Reply Quote 0
        • D
          dkrusko last edited by

          I had same issue last night, finally got it working again by going to Mobile Clients setting under VPN IPSEC and unchecking  Phase2 PFS Group (Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings ) and setting Group: OFF, after that my clients started connecting just fine.

          1 Reply Last reply Reply Quote 0
          • A
            Alfi1966 last edited by

            Thanks,

            Setting the PFS Key Group to off and changing the Lifetime to 3600 seconds resolved the issue.

            Now one other issue left, when connected not all my traffic is routed through the VPN, only the LAN targeted trafic, in the 2.1.5. situation all traffic was routed through the VPN once established.

            Back to the drawing board on this, if anyone has a solution for this I would like to hear it :-)

            EDIT: Above resolved by specifying Phase 2 Local Network as Network 0.0.0.0/0 as per https://doc.pfsense.org/index.php/Upgrade_Guide#IPsec_Changes

            All working as I intended it now.

            1 Reply Last reply Reply Quote 0
            • D
              dkrusko last edited by

              Same here, after i followed instructions in https://doc.pfsense.org/index.php/Upgrade_Guide#IPsec_Changes all is back to normal.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy