Virtual private networks / IPsec VPN client from router to Provider
« on: July 07, 2023, 11:14:30 am »
Hi,
I would like to connect my OPNsense with an LTE card to my provider via an IPsec tunnel to obtain a static public IP.
The LTE interface obtains a dynamic IP from its PPP.
I tried to use a route-based tunnel, but maybe this is the wrong way...
Phase 1 looks correct, but I need to obtain a dynamic IP from my provider in phase 2.
The source and destination addresses in the tunnel are 0.0.0.0, but I do not obtain any address.
Logs in my router:
12[CHD] <con1|1> CHILD_SA con1{1} state change: CREATED => DESTROYING
12[IKE] <con1|1> failed to establish CHILD_SA, keeping IKE_SA
12[IKE] <con1|1> received FAILED_CP_REQUIRED notify, no CHILD_SA built
My provider's support tells me that no address negotiation is performed in the tunnel.
How can I do this? Is it possible in this configuration, or should I use another configuration?
Thanks for your help.