OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Can not enter peer identifier
« previous next »
  • Print
Pages: [1]

Author Topic: Can not enter peer identifier  (Read 4801 times)

uli1954

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Can not enter peer identifier
« on: October 20, 2016, 02:32:30 am »
Hi,
I am trying to setup an IPSec tunnel for an iPhone.
The setup procedure requires to put in a peer identifier (usually an email address)
Strangely these 2 fields don't show up  in my window. (see attached) What am I doing wrong?
Uli
Logged

asubrama

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Re: Can not enter peer identifier
« Reply #1 on: October 29, 2016, 07:28:19 pm »
I have the same issue too.
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1173
    • View Profile
Re: Can not enter peer identifier
« Reply #2 on: October 30, 2016, 10:52:14 am »
The peer identifier was unused and therefore removed. It is still in the docs by mistake, but it will be fixed.

Do you have issues with the mobile IPsec connections?
Logged

MasterFw

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Re: Can not enter peer identifier
« Reply #3 on: December 26, 2016, 11:41:51 pm »
Hi All,

I'm having the same issue, and I can't get the Ipsec VPN to work without it!

Dec 26 17:33:51    charon: 15[ENC] generating INFORMATIONAL_V1 request 3445893822 [ HASH N(AUTH_FAILED) ]
Dec 26 17:33:51    charon: 15[IKE] found 1 matching config, but none allows pre-shared key authentication using Main Mode
Dec 26 17:33:51    charon: 15[CFG] looking for pre-shared key peer configs matching ......deleted.....
Logged

mitchskis

  • Newbie
  • *
  • Posts: 22
  • Karma: 1
    • View Profile
Re: Can not enter peer identifier
« Reply #4 on: December 30, 2016, 08:46:04 pm »
I've found that you can type anything is iOS (10.2)'s "Group Name" field and succeed but you must type something. Leaving the field null (at least in the iOS client) will cause a "Negotiation with the VPN server failed." error message.

I'd like like to see OPNsense accept a null group name.

I'd modify the documentation to
A) remove references to the "Peer identifier" at Phase 1 proposal (Authentication)
B) update Configure OSX Client to indicate the the Group Name can not be null
C) update Configure iOS Client to remove the IPsec-id row from the example settings table
D) update Configure iOS Client to add a Group Name row and indicate that it can not be null
« Last Edit: December 30, 2016, 10:13:26 pm by mitchskis »
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Can not enter peer identifier
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2