[pfSense Support] pfSense v1.2.3 - IPSec Mobile Client connected, but cannot reach/ping any server

Wed, 15 Dec 2010 23:36:05 -0800 

I'm trying to get the VPN IPSec mobile client working.
The connection to remote network is established, but if I try to connect to remote machines, I can't. 


The IPsec log:
Dec 16 16:29:14 racoon: ERROR: such policy does not already exist: "0.0.0.0/0[0] 192.168.143.5/32[0] proto=any dir=out" Dec 16 16:29:14 racoon: *[Unknown Gateway/Dynamic]*: ERROR: such policy does not already exist: "192.168.143.5/32[0] 0.0.0.0/0[0] proto=any dir=in" Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: IPsec-SA established: ESP 221.186.114.24[0]->122.130.80.207[0] spi=512828402(0x1e9123f2) Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: IPsec-SA established: ESP 122.130.80.207[0]->221.186.114.24[0] spi=183373000(0xaee0cc8) Dec 16 16:29:14 racoon: INFO: no policy found, try to generate the policy : 192.168.143.5/32[0] 0.0.0.0/0[0] proto=any dir=in Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: respond new phase 2 negotiation: 221.186.114.24[0]<=>122.130.80.207[0] Dec 16 16:29:08 racoon: *[vpn_ac]*: INFO: ISAKMP-SA established 221.186.114.24[500]-122.130.80.207[500] spi:a8537d0c8fbfc48c:27052a568c4aa4fc 
Dec 16 16:29:08         racoon: INFO: received Vendor ID: CISCO-UNITY
Dec 16 16:29:08         racoon: INFO: received Vendor ID: DPD
Dec 16 16:29:08         racoon: INFO: received broken Microsoft ID: 
FRAGMENTATION
Dec 16 16:29:08         racoon: INFO: received Vendor ID: RFC 3947
Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00 
Dec 16 16:29:08         racoon: INFO: begin Aggressive mode.
Dec 16 16:29:08 racoon: *[vpn_ac]*: INFO: respond new phase 1 negotiation: 221.186.114.24[500]<=>122.130.80.207[500] 


Firewall rule is created at the IPsec tab:
Proto:* Source:* Port:* Destination:* Port:* GW:*

I also have setup a non-mobile client IPsec. It works without any problems.
As mobile client, I use Shrew Soft VPN connector and it is configues as explained here: http://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To
The client firewall is temporary turned off, so even this cannot be the problem. 


Any hints??

Thanks

Maik

<<attachment: maik.vcf>>

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Reply via email to