General Discussion / Need Help on Setting up IPSec as Gateway Using Provider VPN
« on: January 09, 2020, 07:24:30 pm »
I'm trying to use IPSec to connect to a VPN service provider's VPN server by creating an IPSec configuration file under /usr/local/etc/ipsec.opnsense.d. It's connected and I was able to ping the VPN gateway. I can also see a new tun0 interface with an IP assigned. However, the tun0 tunnel is not showing up in the OPNsense interface assignment list. I manually updated config.xml to assign it to Opt1. In the gateway settings, I can see it's online, but it's not working. Any recommendations to make it work?
Code:
config setup
    #charondebug="all"
    uniqueids=yes
    strictcrlpolicy=no

conn vpncon
    keyexchange=ikev2
    dpdaction=clear
    dpddelay=300s
    eap_identity=username
    leftauth=eap-mschapv2
    left=%defaultroute
    leftsourceip=%config
    #leftsubnet=0.0.0.0/0
    #leftsubnet=192.168.16.0/20
    #leftdns=%config4
    right=vpnserver.com
    rightauth=pubkey
    #rightsubnet=0.0.0.0/0
    rightid=%any
    #leftupdown=/root/route.sh
    type=tunnel
    ike=aes256-sha2_256-modp1024!
    esp=aes256-sha2_256
    #strongvpn
    auto=start
    #auto=add
Code:
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet6 fe80::a00:27ff:feec:879c%tun0 prefixlen 64 scopeid 0xb
        inet 192.198.120.62 --> 192.198.120.62 netmask 0xffffffff
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: tun
        Opened by PID 38992