Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec IKEv1 OPNsense Watchguard [Troubleshooting]
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSec IKEv1 OPNsense Watchguard [Troubleshooting] (Read 1436 times)
memento
Newbie
Posts: 1
Karma: 0
IPSec IKEv1 OPNsense Watchguard [Troubleshooting]
«
on:
October 29, 2021, 09:30:21 pm »
Hey,
I am new to creating VPN tunnels and only have experience with wireguard.
I am having trouble getting the tunnel up between my OPNsense and watchguard.
Any and all help would greatly be appreciated. Thank you.
Firewall rules:
Floating: allow ESP on WAN
Floating: allow TCP/UDP on WAN port 500
Floating: allow TCP/DUP on WAN port 4500
IPSec interface: allow TCPv4 rule.
OPNSense config:
PHASE 1
(General Information)
Interface: WAN
Remote Gateway: [Public IP of watchguard]
Dynamic gateway: unchecked
(Authentication)
Authentication method: Mutual PSK
Negotiation mode: Main
My identifier: My IP Address
Peer Identifier: Peer IP Address
PSK: -%@:@J6w\j`42xQG[A=kATH;}-zG{=
(Algorithms)
Encryption Algorithm: AES - 128
Hash Algorithm: Sha256
DH key group: 14
Lifetime 6400
Advanced:
Install Policy: checked
Disable Rekey: Unchecked
Disable Reauth: Unchecked
Tunnel Isolation: Unchecked
NAT Traversal: Disabled
Disable MOBIKE: Unchecked
Close Action: None
DPD: Unchecked
inactivity timeout:
keyingtieds:
margintime:
Rekeyfuzz:
PHASE 2
(Remote Network)
Type: Network
10.0.2.0/24
(SA/Key Exchange)
Protocol: ESP
Encryption algorithms: AES-128
Hash algoritms: SHA256
PFS keygroup: 14
Lifetime 28800
(Advanced Options)
automatically ping host:
Manual SPD entries:
Watchguard config:
PHASE 1
DH group : 14
Encryption AES-128
Hash: SHA256
key lifetime 6400
PSK: -%@:@J6w\j`42xQG[A=kATH;}-zG{= [not the actual PSK]
PHASE 2
Protocol: ESP
Encyption: AES-128
Hash: SHA256
PFS DH Group: 14
SA lifetime: 28800
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec IKEv1 OPNsense Watchguard [Troubleshooting]