Messages

1

20.1 Legacy Series / Re: IPSec - Multiple phase 1 configuration issue

« on: March 30, 2020, 03:46:06 pm »

Ok, so no replies here

I searched a bit more, even on pfsense side, and it seems this is a limitation of the GUI for configuring such scenarios.

It's too bad, my old VPN (debian + strongswan) was configured this way and it was pretty straight forward.

I guess maybe the solution is to try to configure ipsec.conf manually? the issue is that eventually It will get replaced by the OPNsense GUI / services..

2

20.1 Legacy Series / IPSec - Multiple phase 1 configuration issue

« on: March 26, 2020, 03:10:14 pm »

Hi everyone,

I'm trying to accomplish the following:

- Setup IPSec VPN with EAP-MSCHAPv2 via IKEv2 (Windows machines RoadWarriors)
- Setup IPSec VPN with Mutual PSK +Xauth via IKEv1 (Android RoadWarriors)

I configured each one of the above alone and they work properly, but I cannot get both scenarios setup.

In theory It should be possible by adding a new Phase 1 tunnel, but as soon as I configure one of the above, the second phase one only shows me these as possible choice for Authentication Method:

- Mutual RSA
- Mutual Public Key
- Mutual PSK

What am I missing? Is this not possible?

Thank you for your help.