MultiWan and IPsec



  • Hello,

    I have two Wan connections set up as failover. I have clients that use Shrewsoft VPN client to connect to our main WAN. Some of our people have problems using our Main Wan, because they are from another country…so they report random disconnects from ShrewSoft.

    I wanted to use the second WAN connection to check if the connection would be better. However I cannot seem to get it working...I've set the interface to the 1st Failover Group in Phase 1 IPSec. Our normal WAN Ipsec works.

    If we change the IP of the ShrewSoft VPN client to the second WAN ip address as the destination, it does not work, our logs report:

    Oct 20 12:13:58 charon: 15[IKE] <579> found 1 matching config, but none allows XAuthInitPSK authentication using Aggressive Mode
    Oct 20 12:13:58 charon: 15[IKE] <579> found 1 matching config, but none allows XAuthInitPSK authentication using Aggressive Mode

    We are using MUTUAL PSK + XAuth and Aggressive mode plus LDAP authentication…it works fine with the main WAN, not with the second.

    Are there any additional settings that need to be done? Backup wan has a firewall rule to allow IPSEC and ike.

    In the Shrewsoft Client, I only changed the destination ip address.

    Any help would pe appreciated :)

    Thanks


Log in to reply