"
I think I found an issue: I didn´t set (local and remote) IDs in the authentication-round.
Now it seems to work better.
Now it seems to work better.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
25.1, 25.4 Production Series / Re: IPsec VTI Connection Authentication-Error after Reboot
June 17, 2025, 01:27:24 PM #2
25.1, 25.4 Production Series / IPsec VTI Connection Authentication-Error after Reboot
June 17, 2025, 10:35:18 AM
Hello,
I want to connect two OPNsenses with IPSec-VPN. I use the new Connection Type (with PSK and default proposals) and Route-Based VTI.
Basically the Connection establishes, but then I have the following Problem:
After a reboot from one OPNsense, the Connection is broken. If I manually trigger the Peer-Initialisation, then authentication fails and the counterpart raises:
Vice versa the behaviour is the same, then the other OPNsense raises the Error.
I found out: When I delete the PreShredKey-Object and recreate it with the same parameters, I´m able to establishe the connection again.
What I am missing / doing wrong?
Additional Information: I have already VTI-VPN-Connections configured to other third-party-gateways, with the Local and Remote-Net 0.0.0.0/0 in the vpn-child-configuration. Can this cause the error?
Thanks!
I want to connect two OPNsenses with IPSec-VPN. I use the new Connection Type (with PSK and default proposals) and Route-Based VTI.
Basically the Connection establishes, but then I have the following Problem:
After a reboot from one OPNsense, the Connection is broken. If I manually trigger the Peer-Initialisation, then authentication fails and the counterpart raises:
Code Select
tried 1 shared key for '%any' - '$IP-Address', but MAC mismatchedVice versa the behaviour is the same, then the other OPNsense raises the Error.
I found out: When I delete the PreShredKey-Object and recreate it with the same parameters, I´m able to establishe the connection again.
What I am missing / doing wrong?
Additional Information: I have already VTI-VPN-Connections configured to other third-party-gateways, with the Local and Remote-Net 0.0.0.0/0 in the vpn-child-configuration. Can this cause the error?
Thanks!
Pages1
