This IPSEC tunnel used to work on an earlyier versionand now
it doesn’t
Is there stillissues with ipsec stuff???
Server1
This pfsense box is being coonected to
racoon: INFO: ISAKMP-SA established
192.168.3.101[500]-80.242.37.134[500] spi:3bd28a84bb4e8865:0a2d5d0284a5ea3f
|
Jul 30 01:45:27
|
racoon: INFO: respond new phase 2 negotiation:
192.168.3.101[0]<=>80.242.37.134[0]
|
Jul 30 01:45:27
|
racoon: INFO: no policy found, try to generate the policy
: 10.4.230.10/32[0] 10.4.237.0/24[0] proto=any dir=in
|
Jul 30 01:45:30
|
kernel: WARNING: pseudo-random number generator used for
IPsec processing
|
Jul 30 01:45:30
|
kernel: WARNING: pseudo-random number generator used for
IPsec processing
|
Jul 30 01:45:30
|
racoon: INFO: IPsec-SA established: ESP/Tunnel xxx.xxx.xxx.xx1[0]->xxx.xxx.xxx.xx2[0]
spi=161785307(0x9a4a5db)
|
Jul 30 01:45:30
|
racoon: INFO: IPsec-SA established: ESP/Tunnel xxx.xxx.xxx.xx2[0]->xxx.xxx.xxx.xx1[0]
spi=56018201(0x356c519)
|
Jul 30 01:45:30
|
racoon: ERROR: such policy does not already exist: xxx.xxx.xxx.local1/32[0]
xxx.xxx.local2.0/24[0] proto=any dir=in
|
Jul 30 01:45:30
|
racoon: ERROR: such policy does not already exist: xxx.xxx.local2.0/24[0]
xxx.xxx.xxx.local1/32[0] proto=any dir=out
|
Sever2
This pfsense box is connecting to the other
Jul 30 01:45:24
|
racoon: INFO: begin Aggressive mode.
|
Jul 30 01:45:26
|
racoon: WARNING: No ID match.
|
Jul 30 01:45:26
|
racoon: INFO: ISAKMP-SA established xxx.xxx.xxx.xx2[500]-xxx.xxx.xxx.xx1[500]
spi:3bd28a84bb4e8865:0a2d5d0284a5ea3f
|
Jul 30 01:45:27
|
racoon: INFO: initiate new phase 2 negotiation: xxx.xxx.xxx.xx1[0]<=>xxx.xxx.xxx.xx2[0]
|
Jul 30 01:45:30
|
racoon: INFO: IPsec-SA established: ESP/Tunnel xxx.xxx.xxx.xx2[0]->xxx.xxx.xxx.xx1[0]
spi=56018201(0x356c519)
|
Jul 30 01:45:30
|
racoon: INFO: IPsec-SA established: ESP/Tunnel xxx.xxx.xxx.xx1[0]->xxx.xxx.xxx.xx2[0]
spi=161785307(0x9a4a5db)
|
|
- [pfSense Support] ipsec alan walters
-