Messages

Hi Franco,

What do you think causing this behavior? Opensense implementation of the StrongSwan or wrong configuration on my side? I have checked my certificates few times and they look ok. I have followed pfsense guide https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 for setting this connection. I will try to recreate same config on pfsense to see the logs and compare, will also post opnsense generated file config vs pfsense for same scenario.

Thank you,
Andrei

Hi,

After some testing with Windows 7 and StrongSwan android client I am getting the same error on both.
Please see attached final part of the Log. What could be the problem? Anyone has any suggestions?

Thank you,
Andrei

Hi,

I have applied patch. From the gui side everything looks good.
When I tried to connect I have got the following error: Error Description: 13801: IKE authentication credentials are unacceptable. I didn't have a chance to go over my config and certificates. I will do that on this weekend and try to figure out what is the cause of that.

Thank you,
Andrei

Thank you very much!

Cannot wait to give this a test. Would this fix be included in 16.7.7 update?

Hi,

Unfortunately, I don't have an account for github. Don't want to open one just for this. Could you or someone else make a future request on github? This should allow using windows 7, 8 or 10 build in vpn to be able to make roadwarrior to office network.

Thank you,
Andrei

Could you please add option to select preshared key as EAP or PSK.
If I manually go to var/local/etc/ipsec.secrets and change default PSK to EAP after restart ipsec service via gui I end up with key type set as PSK again. When I do connect from windows 7 using EAP-MSCHAPv2 the log on opnsense shows that it is missing EAP key to authenticate.

Thank you.