Messages - volkerd7

#1
Hi all,

I experience an issue with all my IPsec VPNs after upgrading to 23.1:

root@adrasteia:/usr/local/etc/swanctl # swanctl -i -i con1
no files found matching '/usr/local/etc/strongswan.opnsense.d/*.conf'
[IKE] initiating Aggressive Mode IKE_SA con1[5] to xx.xx.xx.xx
[ENC] generating AGGRESSIVE request 0 [ SA KE No ID V V V V V ]
[NET] sending packet: from xx.xx.xx.xx[500] to xx.xx.xx.xx[500] (488 bytes)
[NET] received packet: from xx.xx.xx.xx[500] to xx.xx.xx.xx[500] (40 bytes)
[ENC] parsed INFORMATIONAL_V1 request 0 [ N((29)) ]
[IKE] received (29) error notify
initiate failed: establishing IKE_SA 'con1' failed


My config:

    con1 {
        unique = replace
        aggressive = yes
        version = 1
        mobike = no
        local_addrs = xx.xx.xx.xx
        local-0 {
            id = xx.xx.xx.xx
            auth = psk
        }
        remote-0 {
            id = xx.xx.xx.xx
            auth = psk
        }
        remote_addrs = xx.xx.xx.xx
        encap = no
        proposals = aes192-sha256-modp2048
        children {
            con1-000 {
                start_action = route
                policies = yes
                mode = tunnel
                sha256_96 = no
                local_ts = 172.16.8.0/22
                remote_ts = 192.168.10.0/25
                reqid = 1
                esp_proposals = aes192-sha256-modp2048
                life_time = 3600 s
            }
        }
    }
.
.
.
secrets {
    ike-p1-0 {
        id-0 =
        id-1 = xx.xx.xx.xx
        secret = xxxxxxxxxxxxxxxxxxxxxxxxxxx
    }
.
.
.
}


I didn't change anything before the upgrade, and the partner sides didn't change either.
Does anybody have an idea about it?

Thank You!

Best regards,
Volker