IPSec IKEv1 OPNsense Watchguard [Troubleshooting]

Started by memento, October 29, 2021, 09:30:21 PM

Hey,

I am new to creating VPN tunnels and only have experience with WireGuard.

I am having trouble getting the tunnel up between my OPNsense and WatchGuard.

Any and all help would greatly be appreciated. Thank you.

Firewall rules:

Floating: allow ESP on WAN

Floating: allow TCP/UDP on WAN port 500

Floating: allow TCP/UDP on WAN port 4500

IPSec interface: allow TCPv4 rule.

OPNsense config:

PHASE 1

(General Information)

Interface: WAN

Remote Gateway: [Public IP of watchguard]

Dynamic gateway: unchecked

(Authentication)

Authentication method: Mutual PSK

Negotiation mode: Main

My identifier: My IP Address

Peer Identifier: Peer IP Address

PSK: -%@:@J6w\j`42xQG[A=kATH;}-zG{=

(Algorithms)

Encryption Algorithm: AES - 128

Hash Algorithm: Sha256

DH key group: 14

Lifetime 6400

Advanced:

Install Policy: checked

Disable Rekey: Unchecked

Disable Reauth: Unchecked

Tunnel Isolation: Unchecked

NAT Traversal: Disabled

Disable MOBIKE: Unchecked

Close Action: None

DPD: Unchecked

inactivity timeout:

keyingtries:

margintime:

Rekeyfuzz:

PHASE 2

(Remote Network)

Type: Network

10.0.2.0/24

(SA/Key Exchange)

Protocol: ESP

Encryption algorithms: AES-128

Hash algorithms: SHA256

PFS keygroup: 14

Lifetime 28800

(Advanced Options)

automatically ping host:

Manual SPD entries:

Watchguard config:

PHASE 1

DH group : 14

Encryption AES-128

Hash: SHA256

key lifetime 6400

PSK: -%@:@J6w\j`42xQG[A=kATH;}-zG{= [not the actual PSK]

PHASE 2

Protocol: ESP

Encryption: AES-128

Hash: SHA256

PFS DH Group: 14

SA lifetime: 28800
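When an IKEv1 tunnel between OPNsense and another vendor will not come up, the quickest way to tell a firewall problem from a proposal mismatch from a wrong PSK is the strongSwan (charon) log on the OPNsense side, because each failure mode leaves a distinctive message. The script below is an added example, not code from the poster, OPNsense or strongSwan: the message strings it matches are real charon wording, the mapping from message to likely cause is my own triage heuristic, and SAMPLE_LOG is a constructed log using RFC 5737 documentation addresses. Paste the real log lines into `triage()` in place of the sample.

```python
"""Triage strongSwan (charon) log lines for an IKEv1 main-mode tunnel that stays down.

Added example. The matched messages are real charon log text; the cause attached to
each is a heuristic of mine, and SAMPLE_LOG below is constructed, not a captured log.
"""
import re

# (key, pattern, likely cause). The patterns are charon's own wording; the causes are mine.
RULES = [
    ("no_reply",
     re.compile(r"giving up after \d+ retransmits"),
     "the peer never answered: UDP/500 (and UDP/4500 once NAT-T is in use) is dropped "
     "somewhere on the path, or the Remote Gateway address is wrong"),
    ("nat_detected",
     re.compile(r"(remote|local) host is behind NAT"),
     "a NAT sits between the gateways: enable NAT Traversal on both sides so IKE and ESP "
     "move to UDP/4500"),
    ("proposal_rejected",
     re.compile(r"received NO_PROPOSAL_CHOSEN error notify|"
                r"no IKE config found for .*, sending NO_PROPOSAL_CHOSEN"),
     "the peer rejected the proposal: encryption, hash, DH/PFS group or negotiation mode "
     "differ (Phase 1 if seen during Main Mode, Phase 2 if during Quick Mode)"),
    ("psk_mismatch",
     re.compile(r"invalid HASH_V1 payload length, decryption failed\?"),
     "Phase 1 gets past the key exchange but the encrypted ID/HASH exchange cannot be "
     "decrypted: the pre-shared key, or the identity it is keyed on, differs"),
    ("p2_selectors",
     re.compile(r"received INVALID_ID_INFORMATION error notify|"
                r"no matching CHILD_SA config found"),
     "Phase 2 rejected: the local/remote network selectors do not line up on both sides"),
    ("p1_up",
     re.compile(r"IKE_SA .*established between"),
     "Phase 1 is established"),
    ("p2_up",
     re.compile(r"CHILD_SA .*established with SPIs"),
     "Phase 2 is established; if traffic still fails, look at firewall rules on the IPsec interface"),
]

# Constructed sample: three attempts that fail for three different reasons.
SAMPLE_LOG = """\
Oct 29 21:30:01 fw charon[8123]: 09[IKE] <wg|1> initiating Main Mode IKE_SA wg[1] to 203.0.113.10
Oct 29 21:30:01 fw charon[8123]: 09[NET] <wg|1> sending packet: from 198.51.100.5[500] to 203.0.113.10[500] (180 bytes)
Oct 29 21:30:05 fw charon[8123]: 11[IKE] <wg|1> retransmit 1 of request with message ID 0
Oct 29 21:31:33 fw charon[8123]: 06[IKE] <wg|1> giving up after 5 retransmits
Oct 29 21:35:10 fw charon[8123]: 07[IKE] <wg|2> initiating Main Mode IKE_SA wg[2] to 203.0.113.10
Oct 29 21:35:10 fw charon[8123]: 07[IKE] <wg|2> received NO_PROPOSAL_CHOSEN error notify
Oct 29 21:40:02 fw charon[8123]: 13[IKE] <wg|3> initiating Main Mode IKE_SA wg[3] to 203.0.113.10
Oct 29 21:40:02 fw charon[8123]: 13[ENC] <wg|3> invalid HASH_V1 payload length, decryption failed?
Oct 29 21:40:02 fw charon[8123]: 13[ENC] <wg|3> could not decrypt payloads
"""


def triage_line(line):
    """Return (key, cause) for the first rule that matches this line, else None."""
    for key, pattern, cause in RULES:
        if pattern.search(line):
            return key, cause
    return None


def triage(log_text):
    """Return (line_number, key, cause) for every diagnostic line in the log."""
    hits = []
    for number, line in enumerate(log_text.splitlines(), start=1):
        hit = triage_line(line)
        if hit:
            hits.append((number, hit[0], hit[1]))
    return hits


def likely_causes(log_text):
    """Distinct cause keys in order of first appearance; the last one is the current problem."""
    seen = []
    for _, key, _ in triage(log_text):
        if key not in seen:
            seen.append(key)
    return seen


if __name__ == "__main__":
    for number, key, cause in triage(SAMPLE_LOG):
        print(f"line {number:>3}: {key:<17} {cause}")
    print("order of problems seen:", likely_causes(SAMPLE_LOG))
```

Read the output bottom-up: the most recent attempt is the problem you are currently facing. An early "giving up after N retransmits" with no reply at all points at the WAN rules or the path rather than at the proposals, since the peer never got to evaluate them.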