I am trying to establish a site-to-site VPN between two OPNsense boxes. Box1 has version 23.7.12_5 and Box 2 has version 24.1.2_1. The two ISP connections have a dynamic IP. Phase one and phase 2 are configured using the same settings. I saw the connection going out of Box1 to Box2 on port 500. I saw the incoming connection coming in on Box1. But the VPN never came up.
I initiate the connection from Box1.
I have attached the log from the Box2.
I have added the rule for port 500, 4500 NAT-traversal and for the ESP protocol.
Thank you
I have taken a new look at the log; here is what I found. See the attached file.
It always failed with NO_PROPOSAL_CHOSEN.
Assuming you are correct and the phase 1 parameters are indeed identical, are the phase 2 networks mirrored? I.e. what is local at site A is remote at site B and vice versa?
Yes, it is.