1
Virtual private networks / IPSec "Road Warrior" VPN Setup between OPNSense 20.7 and Ubuntu 20.04 LTS
« on: December 12, 2020, 01:48:59 am »
I have torn out what little hair I have left over the course of the past few hours. I simply cannot get this to work.
First it was a problem with the certificate CN not matching, but got that to work by using the IP instead of the FQDN. Then EAP was failing because the instructions didn't mention you needed to add an extra package (apt install libcharon-extra-plugins).
Now EAP fails because authentication fails "EAP-MS-CHAPv2 failed with error ERROR_AUTHENTICATION_FAILURE: '(null)'", even though the username entered matches the PSK entry (user, password, EAP) and I've even tried a PSK value against a full blown user account in opnSense as opposed to just an EAP entry on the "Pre shared Keys" page.
If anyone has a start to finish step by step guide for this (and yes, I have read the official guide (https://docs.opnsense.org/manual/how-tos/ipsec-road.html) and then the linux bit here: (https://docs.opnsense.org/manual/how-tos/ipsec-rw-linux.html), but all to no avail
Any help would be gratefully received.
First it was a problem with the certificate CN not matching, but got that to work by using the IP instead of the FQDN. Then EAP was failing because the instructions didn't mention you needed to add an extra package (apt install libcharon-extra-plugins).
Now EAP fails because authentication fails "EAP-MS-CHAPv2 failed with error ERROR_AUTHENTICATION_FAILURE: '(null)'", even though the username entered matches the PSK entry (user, password, EAP) and I've even tried a PSK value against a full blown user account in opnSense as opposed to just an EAP entry on the "Pre shared Keys" page.
If anyone has a start to finish step by step guide for this (and yes, I have read the official guide (https://docs.opnsense.org/manual/how-tos/ipsec-road.html) and then the linux bit here: (https://docs.opnsense.org/manual/how-tos/ipsec-rw-linux.html), but all to no avail
Any help would be gratefully received.