4. Ipsec to mobile windows client

Ipsec to mobile windows client

  • O

    using
    -windows 8
    -shrew soft vpn client
    -pf 2.2.4

    =shrew soft shows it was "tunnel enabled" but shows no estableshed security associations
    =client was given an ip address from the vpn pool
    =could ping the ip address but couldnt ping the rest…ie the firewall lan ip
    =status of vpn ipsec shows NO SAD and NO SPD

    see partial ipsec logs...myt help

    Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:14 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:14 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 3088578214 [ HASH N(DPD) ]
    Aug 8 03:14:14 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
    Aug 8 03:14:14 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
    Aug 8 03:14:14 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 2888719617 [ HASH N(DPD_ACK) ]
    Aug 8 03:14:19 charon: 09[NET] <con1|52>received packet: from 192.168.30.254[4500] to 192.168.30.1[4500] (92 bytes)
    Aug 8 03:14:19 charon: 09[ENC] <con1|52>parsed INFORMATIONAL_V1 request 4253231959 [ HASH N(DPD) ]
    Aug 8 03:14:19 charon: 09[ENC] <con1|52>generating INFORMATIONAL_V1 request 1325839273 [ HASH N(DPD_ACK) ]
    Aug 8 03:14:19 charon: 09[NET] <con1|52>sending packet: from 192.168.30.1[4500] to 192.168.30.254[4500] (92 bytes)
    Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request
    Aug 8 03:14:29 charon: 09[IKE] <con1|52>sending DPD request

    thanks for any help</con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52></con1|52>

    0
  • M

    Hi

    Because the Shrew Soft VPN client is not compatible with Windows 10 and IKEv2 is better than IKEv1 try following this guide:

    https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

    I have it working on all my remote clients except StrongSwan client on Linux which is why I am here posting today. It works really well. I am following this post so if you have any questions let me know.

    IKEv3

    0
  • O

    had it worked….changed the compress algo with deflate....

    0
  • O

    sorry…not the compress algo...its the pfs setting only

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy