Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
15.7 Legacy Series
»
[SOLVED] IPSec, ca't connect from WAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] IPSec, ca't connect from WAN (Read 7160 times)
Kuragari
Jr. Member
Posts: 66
Karma: 11
[SOLVED] IPSec, ca't connect from WAN
«
on:
October 05, 2015, 10:58:03 pm »
Hello, I try to make working my VPN with my iPhone and MacBook.
I have make IPSec VPN IKEv1, all work correctly on LAN (so i think my IPSec VPN configuration is correct). Now i just switch in phase 1 the interface LAN to WAN and i try to connect thought WAN interface and that don't work.
My configuration OPNSense --> ISP modem --> Internet. IPS Modem can't do bridge so i have double NAT and OPNSense is in DMZ. The problem don't come from double NAT because i have try with my computer between OPNSense and ISP modem.
I have try to authorize everything come from WAN, same result (so the problem normally don't come from rules, anyway my rules accept UDP 500, UDP 4500 and ESP).
Any ideas ?
My log (last entry) :
Oct 5 17:43:13 charon: 12[JOB] deleting half open IKE_SA after timeout
Oct 5 17:43:07 charon: 12[NET] sending packet: from 192.168.1.2[500] to 80.12.55.122[1011] (408 bytes)
Oct 5 17:43:07 charon: 12[IKE] sending retransmit 3 of response message ID 0, seq 1
Oct 5 17:43:07 charon: 12[IKE] <con1|60> sending retransmit 3 of response message ID 0, seq 1
Oct 5 17:42:54 charon: 12[NET] sending packet: from 192.168.1.2[500] to 80.12.55.122[1011] (408 bytes)
Oct 5 17:42:54 charon: 12[IKE] sending retransmit 2 of response message ID 0, seq 1
Oct 5 17:42:54 charon: 12[IKE] <con1|60> sending retransmit 2 of response message ID 0, seq 1
Oct 5 17:42:47 charon: 12[NET] sending packet: from 192.168.1.2[500] to 80.12.55.122[1011] (408 bytes)
Oct 5 17:42:47 charon: 12[IKE] sending retransmit 1 of response message ID 0, seq 1
Oct 5 17:42:47 charon: 12[IKE] <con1|60> sending retransmit 1 of response message ID 0, seq 1
Oct 5 17:42:43 charon: 12[NET] sending packet: from 192.168.1.2[500] to 80.12.55.122[1011] (408 bytes)
Oct 5 17:42:43 charon: 12[ENC] generating AGGRESSIVE response 0 [ SA KE No ID NAT-D NAT-D HASH V V V V ]
«
Last Edit: October 06, 2015, 10:34:29 pm by franco
»
Logged
Kuragari
Jr. Member
Posts: 66
Karma: 11
Re: IPSec, ca't connect from WAN
«
Reply #1 on:
October 05, 2015, 11:19:52 pm »
Problem solved
I have forget to open HA protocol.
I will try to make tuto as soon as possible.
Logged
franco
Administrator
Hero Member
Posts: 17484
Karma: 1589
Re: [SOLVED] IPSec, ca't connect from WAN
«
Reply #2 on:
October 06, 2015, 10:35:02 pm »
Neat, marked as [SOLVED], good work.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
15.7 Legacy Series
»
[SOLVED] IPSec, ca't connect from WAN