IPSEC with IKEv2 and PSK



  • Hi All,

    I think I'm blind or do not understand how this is working.

    I want to establish a VPN Tunnel between an ASA an my pfsense and I want to use IKEv2. Now I got the configuration data incl. the two (local and remote) Passwords. The ASA is correctly configured and ready to go.

    But, when I now want to configure the IPSEC Tunnel on my pfsense, then I miss the field for TWO Passwords. I can only configure one PSK.

    I tried both Passwords in the PSK field in the IPSEC configuration, but I got an AUTH_FAIL in the Logs. Then I tried to configure the both Passwords in the Preshared Key with the IP Addresses as Identifier. But again I'm getting AUTH_FAIL in the Logs.

    Where do I have to configured the two Passwords is my question!

    Many thanks in advance!

    Kind Regards,
    DrMxxxxx



  • As far as I'm aware of, PSK is just ONE password, shared between both sites. There is no such thing as a local and remote password



  • Think it's the mutual psk + xauth authentication option that you have to use for that. Also only IKEv1 i think.



  • The ASA lets you configure a different local and remote PSK with IKEv2, we use the same for both like most everything else does. Configure both the same on the ASA.



  • Hi All,

    thanks for the answers. We decided to take IKEv1 … Now it is working. :)

    Regards,
    M


Log in to reply