Messages

Are there any capabilities to send opnsense syslogs off box in the common event format (CEF)?

Base CEF format is typically:

CEF:Version|Device Vendor|Device Product|Device Version|Signature ID|Name|Severity|Extension

Hello all,

I have an IPSec VPN setup to iOS devices that is working without issue, however, I would like to push a route to an internal network other than the LAN subnet in order for my clients to reach an additional internal subnet through the VPN tunnel.  However, in the IPSec configuration it appears that I can only specify one local network in the phase 2 configuration.

Does anyone know how I can accomplish this?

Thanks,

Chris

Sigh, for some reason my opnsense box wasn't picking up the updates available since the base release of 16.1 until just a few minutes ago.  Updating to 16.1.17 fixed this issue for me.  My iOS client now connects as expected.

After following the guide at:

https://docs.opnsense.org/manual/how-tos/ipsec-road.html

My iOS device fails to connect to my VPN.  When I look at the VPN logs, I see:

Jun 19 00:14:06   charon: 11[NET] sending packet: from xx.xx.xx.xx[500] to xx.xx.xx.xx[29123] (56 bytes)
Jun 19 00:14:06   charon: 11[ENC] generating INFORMATIONAL_V1 request 84313137 [ N(AUTH_FAILED) ]
Jun 19 00:14:06   charon: 11[IKE] Aggressive Mode PSK disabled for security reasons
Jun 19 00:14:06   charon: 11[IKE] <36> Aggressive Mode PSK disabled for security reasons
Jun 19 00:14:06   charon: 11[IKE] xx.xx.xx.xx is initiating a Aggressive Mode IKE_SA
Jun 19 00:14:06   charon: 11[IKE] <36> xx.xx.xx.xx is initiating a Aggressive Mode IKE_SA

I have triple checked that aggressive mode is selected in my config, and saved and restarted the service after doing so. 

Any ideas on what I'm doing wrong or what else I can try?