16
18.7 Legacy Series / Replaced pfSense for OPNsense, IPSEC will not connect (to SonicWALL router)
« on: November 02, 2018, 09:50:39 pm »
Hi,
I'm trying to connect a SonicWALL router with IPSEC to my new OPNsense 18.7.6 A10 appliance.
Internet is fiber from Xs4all, pppoe.
IPSEC log:
Nov 2 21:42:44 charon: 11[NET] <con2|22> sending packet: from a.a.a.a[500] to b.b.b.b[500] (80 bytes)
Nov 2 21:42:44 charon: 11[ENC] <con2|22> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 2 21:42:44 charon: 11[IKE] <con2|22> no shared key found for '%any' - 'www.bbbb.nl'
Nov 2 21:42:44 charon: 11[CFG] <con2|22> selected peer config 'con2'
Nov 2 21:42:44 charon: 11[CFG] <22> looking for peer configs matching a.a.a.a[%any]...b.b.b.b[www.bbbb.nl]
Nov 2 21:42:44 charon: 11[ENC] <22> parsed IKE_AUTH request 1 [ IDi CERTREQ AUTH SA TSi TSr N(INIT_CONTACT) ]
Nov 2 21:42:44 charon: 11[NET] <22> received packet: from b.b.b.b[500] to a.a.a.a[500] (240 bytes)
Nov 2 21:42:44 charon: 11[NET] <22> sending packet: from a.a.a.a[500] to b.b.b.b[500] (440 bytes)
Nov 2 21:42:44 charon: 11[ENC] <22> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
Nov 2 21:42:44 charon: 11[IKE] <22> b.b.b.b is initiating an IKE_SA
Nov 2 21:42:44 charon: 11[ENC] <22> received unknown vendor ID: 2a:67:75:d0:ad:2a:a7:88:7c:33:fe:1d:68:ba:f3:08:96:6f:00:01
Nov 2 21:42:44 charon: 11[ENC] <22> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V ]
Nov 2 21:42:44 charon: 11[NET] <22> received packet: from b.b.b.b[500] to a.a.a.a[500] (444 bytes)
I copied the settings from my old pfSense router, but here the tunnel will not get up.
I have added the 3 WAN rules and 1 IPSEC to LAN rule, and applied these.
Anyone an idea?
Thanks!
I'm trying to connect a SonicWALL router with IPSEC to my new OPNsense 18.7.6 A10 appliance.
Internet is fiber from Xs4all, pppoe.
IPSEC log:
Nov 2 21:42:44 charon: 11[NET] <con2|22> sending packet: from a.a.a.a[500] to b.b.b.b[500] (80 bytes)
Nov 2 21:42:44 charon: 11[ENC] <con2|22> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 2 21:42:44 charon: 11[IKE] <con2|22> no shared key found for '%any' - 'www.bbbb.nl'
Nov 2 21:42:44 charon: 11[CFG] <con2|22> selected peer config 'con2'
Nov 2 21:42:44 charon: 11[CFG] <22> looking for peer configs matching a.a.a.a[%any]...b.b.b.b[www.bbbb.nl]
Nov 2 21:42:44 charon: 11[ENC] <22> parsed IKE_AUTH request 1 [ IDi CERTREQ AUTH SA TSi TSr N(INIT_CONTACT) ]
Nov 2 21:42:44 charon: 11[NET] <22> received packet: from b.b.b.b[500] to a.a.a.a[500] (240 bytes)
Nov 2 21:42:44 charon: 11[NET] <22> sending packet: from a.a.a.a[500] to b.b.b.b[500] (440 bytes)
Nov 2 21:42:44 charon: 11[ENC] <22> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(MULT_AUTH) ]
Nov 2 21:42:44 charon: 11[IKE] <22> b.b.b.b is initiating an IKE_SA
Nov 2 21:42:44 charon: 11[ENC] <22> received unknown vendor ID: 2a:67:75:d0:ad:2a:a7:88:7c:33:fe:1d:68:ba:f3:08:96:6f:00:01
Nov 2 21:42:44 charon: 11[ENC] <22> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) V ]
Nov 2 21:42:44 charon: 11[NET] <22> received packet: from b.b.b.b[500] to a.a.a.a[500] (444 bytes)
I copied the settings from my old pfSense router, but here the tunnel will not get up.
I have added the 3 WAN rules and 1 IPSEC to LAN rule, and applied these.
Anyone an idea?
Thanks!