I'm trying to get the VPN IPSec mobile client working.
The connection to remote network is established, but if I try to connect to remote machines, I can't.
The IPsec log:Dec 16 16:29:14 racoon: ERROR: such policy does not already exist: "0.0.0.0/0[0] 192.168.143.5/32[0] proto=any dir=out" Dec 16 16:29:14 racoon: *[Unknown Gateway/Dynamic]*: ERROR: such policy does not already exist: "192.168.143.5/32[0] 0.0.0.0/0[0] proto=any dir=in" Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: IPsec-SA established: ESP 221.186.114.24[0]->122.130.80.207[0] spi=512828402(0x1e9123f2) Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: IPsec-SA established: ESP 122.130.80.207[0]->221.186.114.24[0] spi=183373000(0xaee0cc8) Dec 16 16:29:14 racoon: INFO: no policy found, try to generate the policy : 192.168.143.5/32[0] 0.0.0.0/0[0] proto=any dir=in Dec 16 16:29:14 racoon: *[vpn_ac]*: INFO: respond new phase 2 negotiation: 221.186.114.24[0]<=>122.130.80.207[0] Dec 16 16:29:08 racoon: *[vpn_ac]*: INFO: ISAKMP-SA established 221.186.114.24[500]-122.130.80.207[500] spi:a8537d0c8fbfc48c:27052a568c4aa4fc
Dec 16 16:29:08 racoon: INFO: received Vendor ID: CISCO-UNITY Dec 16 16:29:08 racoon: INFO: received Vendor ID: DPD Dec 16 16:29:08 racoon: INFO: received broken Microsoft ID: FRAGMENTATION Dec 16 16:29:08 racoon: INFO: received Vendor ID: RFC 3947Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-01 Dec 16 16:29:08 racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00
Dec 16 16:29:08 racoon: INFO: begin Aggressive mode.Dec 16 16:29:08 racoon: *[vpn_ac]*: INFO: respond new phase 1 negotiation: 221.186.114.24[500]<=>122.130.80.207[500]
Firewall rule is created at the IPsec tab: Proto:* Source:* Port:* Destination:* Port:* GW:* I also have setup a non-mobile client IPsec. It works without any problems.As mobile client, I use Shrew Soft VPN connector and it is configues as explained here: http://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To
The client firewall is temporary turned off, so even this cannot be the problem.
Any hints?? Thanks Maik
<<attachment: maik.vcf>>
--------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org