Creare connessione VPN l2tp windows7
-
Salve a tutti,
sono nuovo del forum e da qualche giorno sto cercando di configurare una VPN,
in breve:devo connettere il mio pc da casa su rete con ip dinamico, al pc dell'ufficio che è connesso a internet tramite un box con pfSense e WAN con ip statico.
Ho seguito guide e tutorial ecc.. ma non c'è verso di farla funzionare.
ho seguito passo passo la guida
https://doc.pfsense.org/index.php/L2TP/IPsec
ma da windows creando la connessione vpn resta in " connessione in corso " per qualche minuto poi mi dà errore:
Errore 789: Tentativo di connessione L2TP non riuscito. Il livello di sicurezza ha rilevato un errore di elaborazione durante le negoziazioni iniziali con il computer remoto.
su pfsense questo è il log di IPsec
Oct 22 15:44:34 charon: 01[IKE] <36> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Oct 22 15:44:34 charon: 01[IKE] <36> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Oct 22 15:44:34 charon: 01[IKE] <36> received FRAGMENTATION vendor ID Oct 22 15:44:34 charon: 01[IKE] <36> received FRAGMENTATION vendor ID Oct 22 15:44:34 charon: 01[ENC] <36> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20 Oct 22 15:44:34 charon: 01[ENC] <36> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19 Oct 22 15:44:34 charon: 01[ENC] <36> received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52 Oct 22 15:44:34 charon: 01[IKE] <36> 79.43.191.180 is initiating a Main Mode IKE_SA Oct 22 15:44:34 charon: 01[IKE] <36> 79.43.191.180 is initiating a Main Mode IKE_SA Oct 22 15:44:34 charon: 01[ENC] <36> generating ID_PROT response 0 [ SA V V V V ] Oct 22 15:44:34 charon: 01[NET] <36> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (156 bytes) Oct 22 15:44:34 charon: 01[NET] <36> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (228 bytes) Oct 22 15:44:34 charon: 01[ENC] <36> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ] Oct 22 15:44:34 charon: 01[IKE] <36> local host is behind NAT, sending keep alives Oct 22 15:44:34 charon: 01[IKE] <36> local host is behind NAT, sending keep alives Oct 22 15:44:34 charon: 01[IKE] <36> remote host is behind NAT Oct 22 15:44:34 charon: 01[IKE] <36> remote host is behind NAT Oct 22 15:44:34 charon: 01[ENC] <36> generating ID_PROT response 0 [ KE No NAT-D NAT-D ] Oct 22 15:44:34 charon: 01[NET] <36> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (212 bytes) Oct 22 15:44:54 charon: 01[IKE] <36> sending keep alive to 79.43.191.180[500] Oct 22 15:44:54 charon: 01[IKE] <36> sending keep alive to 79.43.191.180[500] Oct 22 15:45:04 charon: 01[JOB] <36> deleting half open IKE_SA after timeout Oct 22 15:56:51 charon: 10[NET] <37> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (384 bytes) Oct 22 15:56:51 charon: 10[ENC] <37> parsed ID_PROT request 0 [ SA V V V V V V V ] Oct 22 15:56:51 charon: 10[IKE] <37> received MS NT5 ISAKMPOAKLEY vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received MS NT5 ISAKMPOAKLEY vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received NAT-T (RFC 3947) vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received NAT-T (RFC 3947) vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received FRAGMENTATION vendor ID Oct 22 15:56:51 charon: 10[IKE] <37> received FRAGMENTATION vendor ID Oct 22 15:56:51 charon: 10[ENC] <37> received unknown vendor ID: fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20 Oct 22 15:56:51 charon: 10[ENC] <37> received unknown vendor ID: 26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19 Oct 22 15:56:51 charon: 10[ENC] <37> received unknown vendor ID: e3:a5:96:6a:76:37:9f:e7:07:22:82:31:e5:ce:86:52 Oct 22 15:56:51 charon: 10[IKE] <37> 79.43.191.180 is initiating a Main Mode IKE_SA Oct 22 15:56:51 charon: 10[IKE] <37> 79.43.191.180 is initiating a Main Mode IKE_SA Oct 22 15:56:51 charon: 10[ENC] <37> generating ID_PROT response 0 [ SA V V V V ] Oct 22 15:56:51 charon: 10[NET] <37> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (156 bytes) Oct 22 15:56:51 charon: 10[NET] <37> received packet: from 79.43.191.180[500] to 192.168.2.2[500] (228 bytes) Oct 22 15:56:51 charon: 10[ENC] <37> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ] Oct 22 15:56:51 charon: 10[IKE] <37> local host is behind NAT, sending keep alives Oct 22 15:56:51 charon: 10[IKE] <37> local host is behind NAT, sending keep alives Oct 22 15:56:51 charon: 10[IKE] <37> remote host is behind NAT Oct 22 15:56:51 charon: 10[IKE] <37> remote host is behind NAT Oct 22 15:56:51 charon: 10[ENC] <37> generating ID_PROT response 0 [ KE No NAT-D NAT-D ] Oct 22 15:56:51 charon: 10[NET] <37> sending packet: from 192.168.2.2[500] to 79.43.191.180[500] (212 bytes) Oct 22 15:57:11 charon: 10[IKE] <37> sending keep alive to 79.43.191.180[500] Oct 22 15:57:11 charon: 10[IKE] <37> sending keep alive to 79.43.191.180[500] Oct 22 15:57:21 charon: 10[JOB] <37> deleting half open IKE_SA after timeout