Creare connessione VPN l2tp windows7



  • Salve a tutti,
    sono nuovo del forum e da qualche giorno sto cercando di configurare una VPN,
    in breve:

    devo connettere il mio pc da casa su rete con ip dinamico, al pc dell'ufficio che è connesso a internet tramite un box con pfSense e WAN con ip statico.

    Ho seguito guide e tutorial ecc.. ma non c'è verso di farla funzionare.

    ho seguito passo passo la guida

    https://doc.pfsense.org/index.php/L2TP/IPsec

    ma da windows creando la connessione vpn resta in " connessione in corso " per qualche minuto poi mi dà errore:

    Errore 789: Tentativo di connessione L2TP non riuscito. Il livello di sicurezza ha rilevato un errore di elaborazione durante le negoziazioni iniziali con il computer remoto.

    su pfsense questo è il log di IPsec

    
    Oct 22 15:44:34	charon: 01[IKE] <36> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Oct 22 15:44:34	charon: 01[IKE] <36> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Oct 22 15:44:34	charon: 01[IKE] <36> received FRAGMENTATION vendor ID
    Oct 22 15:44:34	charon: 01[IKE] <36> received FRAGMENTATION vendor ID
    Oct 22 15:44:34	charon: 01[ENC] <36> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
    Oct 22 15:44:34	charon: 01[ENC] <36> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
    Oct 22 15:44:34	charon: 01[ENC] <36> received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52
    Oct 22 15:44:34	charon: 01[IKE] <36> 79.43.191.180 is initiating a Main Mode IKE_SA
    Oct 22 15:44:34	charon: 01[IKE] <36> 79.43.191.180 is initiating a Main Mode IKE_SA
    Oct 22 15:44:34	charon: 01[ENC] <36> generating ID_PROT response 0 [ SA V V V V ]
    Oct 22 15:44:34	charon: 01[NET] <36> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (156 bytes)
    Oct 22 15:44:34	charon: 01[NET] <36> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (228 bytes)
    Oct 22 15:44:34	charon: 01[ENC] <36> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Oct 22 15:44:34	charon: 01[IKE] <36> local host is behind NAT, sending keep alives
    Oct 22 15:44:34	charon: 01[IKE] <36> local host is behind NAT, sending keep alives
    Oct 22 15:44:34	charon: 01[IKE] <36> remote host is behind NAT
    Oct 22 15:44:34	charon: 01[IKE] <36> remote host is behind NAT
    Oct 22 15:44:34	charon: 01[ENC] <36> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Oct 22 15:44:34	charon: 01[NET] <36> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (212 bytes)
    Oct 22 15:44:54	charon: 01[IKE] <36> sending keep alive to 79.43.191.180[500]
    Oct 22 15:44:54	charon: 01[IKE] <36> sending keep alive to 79.43.191.180[500]
    Oct 22 15:45:04	charon: 01[JOB] <36> deleting half open IKE_SA after timeout
    Oct 22 15:56:51	charon: 10[NET] <37> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (384 bytes)
    Oct 22 15:56:51	charon: 10[ENC] <37> parsed ID_PROT request 0 [ SA V V V V V V V ]
    Oct 22 15:56:51	charon: 10[IKE] <37> received MS NT5 ISAKMPOAKLEY vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received MS NT5 ISAKMPOAKLEY vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received NAT-T (RFC 3947) vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received NAT-T (RFC 3947) vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received FRAGMENTATION vendor ID
    Oct 22 15:56:51	charon: 10[IKE] <37> received FRAGMENTATION vendor ID
    Oct 22 15:56:51	charon: 10[ENC] <37> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
    Oct 22 15:56:51	charon: 10[ENC] <37> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
    Oct 22 15:56:51	charon: 10[ENC] <37> received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52
    Oct 22 15:56:51	charon: 10[IKE] <37> 79.43.191.180 is initiating a Main Mode IKE_SA
    Oct 22 15:56:51	charon: 10[IKE] <37> 79.43.191.180 is initiating a Main Mode IKE_SA
    Oct 22 15:56:51	charon: 10[ENC] <37> generating ID_PROT response 0 [ SA V V V V ]
    Oct 22 15:56:51	charon: 10[NET] <37> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (156 bytes)
    Oct 22 15:56:51	charon: 10[NET] <37> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (228 bytes)
    Oct 22 15:56:51	charon: 10[ENC] <37> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
    Oct 22 15:56:51	charon: 10[IKE] <37> local host is behind NAT, sending keep alives
    Oct 22 15:56:51	charon: 10[IKE] <37> local host is behind NAT, sending keep alives
    Oct 22 15:56:51	charon: 10[IKE] <37> remote host is behind NAT
    Oct 22 15:56:51	charon: 10[IKE] <37> remote host is behind NAT
    Oct 22 15:56:51	charon: 10[ENC] <37> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
    Oct 22 15:56:51	charon: 10[NET] <37> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (212 bytes)
    Oct 22 15:57:11	charon: 10[IKE] <37> sending keep alive to 79.43.191.180[500]
    Oct 22 15:57:11	charon: 10[IKE] <37> sending keep alive to 79.43.191.180[500]
    Oct 22 15:57:21	charon: 10[JOB] <37> deleting half open IKE_SA after timeout
    
    

Log in to reply