Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - HGilch

Pages1

23.7 Legacy Series / Re: IPSec (defined with "Connections") doesn't find PSK anymore

January 24, 2024, 09:15:07 AM

I checked in the logs and found:

Code Select

no IDi configured, fall back on IP address
authentication of '62.XXX.XXX.45' (myself) with pre-shared key

I actually did not have IDs configured for the PSK in the connection definition, i thought that it falls back to IP. It did, but only for the local side, not for remote! So the key it found was somewhat random, obviously depending on which PSK was configured last.

After filling in the IDs it looked that way:

Code Select

  IKE_AUTH task
authentication of '62.80.52.45' (myself) with pre-shared key
[ ... ]
received INITIAL_CONTACT notify
authentication of '213.XXX.XXX.228' with pre-shared key successful

Thank you for your help, i should have seen this myself.

Hubert

23.7 Legacy Series / Re: IPSec (defined with "Connections" doesn't find PSK anymore

January 23, 2024, 05:56:33 PM

Thank you, but i have only unique combinations of Identifiers. All Identifiers are the external IPs on both sides.

Hubert

23.7 Legacy Series / [solved] IPSec (defined with "Connections") doesn't find PSK anymore

January 23, 2024, 10:29:33 AM

Hello,

i created some IPSec connections (with "Connections") and they work. Then i create another one, which works also at first, but one of the older ones won't reconnect after dropping it or IKE_REAUTH. The other side answers with AUTH_FAILED.
The only thing that gets it to work again is by deleting the PSK and creating it again.
But then i drop a different connection and then this one gets an AUTH_FAILED and after deleting and creating the PSK works again.
Does somebody know about this strange behavior?

Thank you,
Hubert

Pages1