Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ipsec to mobile windows client

    Scheduled Pinned Locked Moved IPsec
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      ozlecz
      last edited by

      using
      -windows 8
      -shrew soft vpn client
      -pf 2.2.4

      =shrew soft shows it was "tunnel enabled" but shows no estableshed security associations
      =client was given an ip address from the vpn pool
      =could ping the ip address but couldnt ping the rest…ie the firewall lan ip
      =status of vpn ipsec shows NO SAD and NO SPD

      see partial ipsec logs...myt help

      Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
      Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
      Aug 8 03:14:14 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 3088578214 [ HASH N(DPD) ]
      Aug 8 03:14:14 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
      Aug 8 03:14:14 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
      Aug 8 03:14:14 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 2888719617 [ HASH N(DPD_ACK) ]
      Aug 8 03:14:19 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
      Aug 8 03:14:19 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 4253231959 [ HASH N(DPD) ]
      Aug 8 03:14:19 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 1325839273 [ HASH N(DPD_ACK) ]
      Aug 8 03:14:19 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
      Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request
      Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request

      thanks for any help</con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52>

      1 Reply Last reply Reply Quote 0
      • M
        mwhitcomb7
        last edited by

        Hi

        Because the Shrew Soft VPN client is not compatible with Windows 10 and IKEv2 is better than IKEv1 try following this guide:

        https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

        I have it working on all my remote clients except StrongSwan client on Linux which is why I am here posting today. It works really well. I am following this post so if you have any questions let me know.

        IKEv3

        1 Reply Last reply Reply Quote 0
        • O
          ozlecz
          last edited by

          had it worked….changed the compress algo with deflate....

          1 Reply Last reply Reply Quote 0
          • O
            ozlecz
            last edited by

            sorry…not the compress algo...its the pfs setting only

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.