Dear Fernando,
I tried it the way you recommended, but it still doesn't work.
I have created a network diagram and the ouzput of "route -n show -inet6"
(Two separate files).
They can be found here (my private Nextcloud):
https://cloud.mischke.it/nextcloud/index.php/s/ZnHrHMMgrofZdiF
Best re
Hello,
I am currently facing the following problem:
I have a server with two interfaces:
- em1 (Outbound / facing the Internet)
- em0 (Internal use / LAN)
(additionally: vlan1000 - parentdev is em0)
The server runs OpenBSD 6.6-stable with the latest
syspatches installed and rebooted to the p
Hello Tobias,
thanks a lot, that solved the question for me (at least on the server :) ).
Using ASN1 ids iked detects the matching policy. However, it then uses RFC7427
for auth (SIG), but the Windows 10 clients use RSA_SIG. This causes a mismatch
and the connection can't be established. (Yet, W
Hello Tobias,
thank you very much for your reply.
Below is the output of ipsecctl -s all
and the verbose output of iked
#
When the first client connects:
(1.2.3.4 is the servers public IP, 5.6.7.8 is the public IP of the DSL modem)
FLOWS:
flow esp in from 10.75.0.0/1
Hello,
I am currently setting up an Internet facing OpenBSD IPsec (IKEv2) gateway
(with a public IP - no NAT).
The box is running OpenBSD 6.4.
This is supposed to be a roadwarrior setup with multiple Windows 10 Clients.
Authentication is done via client certificates (= Machine Certificates issue
5 matches
Mail list logo