4. Ipsec to mobile windows client

Ipsec to mobile windows client

  • O

    using
    -windows 8
    -shrew soft vpn client
    -pf 2.2.4

    =shrew soft shows it was "tunnel enabled" but shows no estableshed security associations
    =client was given an ip address from the vpn pool
    =could ping the ip address but couldnt ping the rest…ie the firewall lan ip
    =status of vpn ipsec shows NO SAD and NO SPD

    see partial ipsec logs...myt help

    Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:14 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 3088578214 [ HASH N(DPD) ]
    Aug 8 03:14:14 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
    Aug 8 03:14:14 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
    Aug 8 03:14:14 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 2888719617 [ HASH N(DPD_ACK) ]
    Aug 8 03:14:19 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
    Aug 8 03:14:19 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 4253231959 [ HASH N(DPD) ]
    Aug 8 03:14:19 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 1325839273 [ HASH N(DPD_ACK) ]
    Aug 8 03:14:19 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
    Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request

    thanks for any help</con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52>

    0
  • M

    Hi

    Because the Shrew Soft VPN client is not compatible with Windows 10 and IKEv2 is better than IKEv1 try following this guide:

    https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

    I have it working on all my remote clients except StrongSwan client on Linux which is why I am here posting today. It works really well. I am following this post so if you have any questions let me know.

    IKEv3

    0
  • O

    had it worked….changed the compress algo with deflate....

    0
  • O

    sorry…not the compress algo...its the pfs setting only

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy