OPNsense Forum
Topic started by: smooth_81 on August 19, 2019, 02:46:52 pm
-
I've set up a central OPNsense appliance to host some (~600) VPN connections.
I need to use %any as the peer IP and to use rightid with a distinguisher to assign the correct config. I have no option to use something like dyndns to resolve the peer IPs.
The problem comes when I define more than one tunnel with peer IP %any. When the second peer connects, OPNsense does not use the right PSK, but only the PSK from the first defined connection.
Weird, because the PSK is attached to the DN in ipsec.secrets.
Is this a bug? I'm using the current version, OPNsense 19.7.2-amd64.
-
Just use IKEv2, works like a charm
-
Quote: "Just use IKEv2, works like a charm"
That would be great, but AVM Fritzbox does not support IKEv2 >:(
Any other hint?
-
No, then the PSK has to be the same, I'd guess. Or use certificate authentication.