Hello, I'm a relative newbie to ipsec on pfsense. I'm trying to establish an ipsec vpn connection to a netgear FVS124G. I already have a connection going to a sonicwall and that runs fine.
The configuration on the pfsense is remote ip address PSK = <the key> and they match Interface = WAN (and its my primary address) Local Subnet = LAN Subnet remote subnet = 192.168.1.0/24 remote gateway = <remote ip address> Description = Charlotte Corporate Phase 1 Negotiation mode = main My identifier = My IP address Encryption algorithm = 3DES Hash algorithm = SHA1 DH Key group = 2 (1024 bit) lifetime = 86400 Autentication Method = Pre-Shared Key Pre-Shared Key = <my psk> Phase 2 (SA/Key Exchange) Protocol = ESP Encryption Algorithms = 3DES Hash Algoritm = SHA1 PFS key group = 2 (1024 bit) Lifetime = 28800 On the Netgear IKE Policy General name = pwmtest Direction/Type = Both Directions Exchange Mode = Main Mode Local Select Local Gateway = Wan1 (69.whatever) Local Identity type WAN IP Address Remote Remote Host Configuration Record = None Remote Identity Type = WAN IP IKE SA Parameters Encryption Algorithm = 3DES Authentication Algorithm = SHA1 Authentication Method = Pre-shared Key <my key> Diffie-Hellman (DH) Group = Group 2 (1024 bit) SA Life Time = 28800 On the Netgear VPN Policy General Policy Name = pwmtest IKE Policy = pwmtest Remote VPN Endpoint Type = IP Address Remote VPN Endpoint IP Address = <my ip address> Traffic Selector Local IP = Subnet address Start IP address = 192.168.1.0 Finish IP Address = N/A Subnet Mask = 255.255.255.0 Remote IP = Subnet address Start IP Address = 10.0.0.0 Finnish IP Address = n/a Subnet Mask = 255.255.252.0 AH Conguration = unchecked ESP Configuration Enable Encryption = checked = 3DES Enable Authentication = checked = SHA-1 >From the pfsense I get: (some lines wrapped) racoon: INFO: respond new phase 1 negotiation: <local wan ip>[500]<=><remote wan ip>[500] racoon: ERROR: not acceptable Identity Protection mode racoon: ERROR: not acceptable Identity Protection mode Thanks in advance -- Curtis Maurand Senior Network & Systems Engineer BlueTarp Financial, Inc. 443 Congress St. 6th Floor Portland, ME 04101 207.797.5900 x233 (office) 207.797.3833 (fax) mailto:[EMAIL PROTECTED] http://www.bluetarp.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]