On Sat, Mar 07, 2015 at 08:29:43PM -0500, Joshua Smith wrote: > Hello misc@, > > I am working on setting up site to site ipsec VPN between a few locations all > with openbsd 5.6 stable "gateways" at them using iked. Since I've never done > any of this before I am starting with a basic host to host setup using pre > shared keys in my lab. I am running into an issue where the flows are only > getting created on one end of the setup. Here are the details: > > HOST 1: > ip address 172.16.204.139 > iked.conf: ikev2 "test" active esp from 172.16.204.139 to 172.16.204.140 psk > "test" > > HOST 2: > ip address 172.16.204.139 > iked.conf: ikev2 "test" esp from 172.15.204.140 to 172.16.204.139 psk "test"
Hi there. Don't use PSKs with iked(8) and 5.6. Use certs, or use -current. http://marc.info/?l=openbsd-misc&m=141562487120440&w=2