[pfSense Support] Site to Site VPN Error

2009-10-28 Thread Koray AGAYA
I Use Pfsense 1.2.2 and Error is below Can you help me please ! Oct 28 09:55:28 racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.0/24[0] 10.0.0.0/24[0] proto=any dir=in Oct 28 09:55:28 racoon: [Self]: INFO: X.X.166.34[500] used as isakmp port (fd=15) Oct 28 09:55:28

Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Chris Buechler
On Wed, Oct 28, 2009 at 4:11 AM, Koray AGAYA insanad...@gmail.com wrote: I Use Pfsense 1.2.2 and Error is below Can you help me please ! Oct 28 09:55:28     racoon: ERROR: such policy already exists. anyway replace it: 10.0.1.0/24[0] 10.0.0.0/24[0] proto=any dir=in Oct 28 09:55:28    

Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Koray AGAYA
More information = Both pfsense machine conenect to normal connection( Not crossover ) same switch an switch is have distribute real IP I make to site site VPN. Is it true ? On Wed, Oct 28, 2009 at 10:34 AM, Chris Buechler c...@pfsense.org wrote: On Wed, Oct 28, 2009 at 4:11 AM, Koray

Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Koray AGAYA
Both pfsense change to cable ( I use to both site crosover cable ) But same error Oct 28 11:32:09 racoon: [Self]: INFO: X.X.X.x.43[500] used as isakmp port (fd=15) Oct 28 11:32:09 racoon: [Self]: INFO: 10.0.1.1[500] used as isakmp port (fd=14) Oct 28 11:32:09 racoon: [Self]: INFO:

[pfSense Support] Re: {Disarmed} Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Johan Hendriks
Do not ping to the pfsense routers itself for the keep alive ping. It will not work, do not use it or use a machine behind the pfsense box. regards, Johan Koray AGAYA schreef: Both pfsense change to cable ( I use to both site crosover cable ) But same error Oct 28 11:32:09 racoon:

Re: [pfSense Support] Filter Rules for OpenVPN connections

2009-10-28 Thread Andreas Fuchs
Sorry for the late answer, but thanks to all who helpped getting this working! So to get Firewall Rules for your OpenVPN connections working, in short we did: #1: Upgrade to 1.2.3 RC3 or newer #2: Enter a Custom Option of dev tunX in the OpenVPN confguration (Check the logs to find out which

Re: [pfSense Support] Re: {Disarmed} Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Chris Buechler
2009/10/28 Johan Hendriks j.hendr...@schavemaker.com: Do not ping to the pfsense routers itself for the keep alive ping. It will not work, do not use it or use a machine behind the pfsense box. As long as you use an IP that's reachable using the VPN (i.e. LAN, not WAN), it will work fine.

Re: [pfSense Support] Re: {Disarmed} Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Johan Hendriks
Chris Buechler schreef: 2009/10/28 Johan Hendriksj.hendr...@schavemaker.com: Do not ping to the pfsense routers itself for the keep alive ping. It will not work, do not use it or use a machine behind the pfsense box. As long as you use an IP that's reachable using the VPN (i.e. LAN,

Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Chris Buechler
2009/10/28 Koray AGAYA insanad...@gmail.com: Both pfsense change to cable ( I use to both site crosover cable ) But same error Again, that's not showing any actual errors. It doesn't show it even attempting to negotiate. That's because you're trying to connect 10.0.1.0/24 to 10.0.1.1/32. Those

Re: [pfSense Support] Site to Site VPN Error

2009-10-28 Thread Chris Buechler
On Wed, Oct 28, 2009 at 12:58 PM, Johan Hendriks j.hendr...@schavemaker.com wrote: You are right, but there was a time that the pfsense box itself could not ping the other pfsense box on the other side, or was it with monowall?  well i always assumed that it still was that way. That's true

Re: [pfSense Support] 1.2.3-RC2 IPSec SPD is not updated if you disable IPSec tunnel

2009-10-28 Thread Ask Bjørn Hansen
On Sep 25, 2009, at 7:39, Evgeny Yurchenko wrote: If you disable IPSec tunnel SPD entries for this tunnel are not removed. Thank you for finding this problem and posting it to the list. I was migrating an ipsec VPN to OpenVPN yesterday and spent hours unable to get it to work properly.