Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Problems with ipsec site to site VPN
« previous
next »
Print
Pages: [
1
]
Author
Topic: Problems with ipsec site to site VPN (Read 632 times)
mekano
Newbie
Posts: 15
Karma: 1
Problems with ipsec site to site VPN
«
on:
March 05, 2024, 05:09:39 pm »
i am trying to establish a site to site vpn between to opnsense box. Box1 have version 23.7.12_5 and Box 2 have version 24.1.2_1. The two isp connexion have a dynamic ip. Phase one and phase 2 are congured using the same settings. I saw the connexion coming out of box1 to box2 on port 500. I saw the incoming conexion coming in in box1. But the vpn never came up.
i initiate the connexion from the Box1.
I have attached the log from the Box2.
i have added the rule for port 500 4500 nat-traversal and for ESP protocol
Thank you
Logged
mekano
Newbie
Posts: 15
Karma: 1
Re: Problems with ipsec site to site VPN
«
Reply #1 on:
March 05, 2024, 06:11:19 pm »
i have done a new lookup at the log here is what i found. See the attached file.
it always failed with NO_PROPOSAL_CHOSEN
Logged
Patrick M. Hausen
Hero Member
Posts: 6853
Karma: 575
Re: Problems with ipsec site to site VPN
«
Reply #2 on:
March 05, 2024, 06:22:31 pm »
Assuming you are correct and the phase 1 parameters are indeed identical, are the phase 2 networks mirrored? I.e. what is local at site A is remote at site B and vice versa?
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
mekano
Newbie
Posts: 15
Karma: 1
Re: Problems with ipsec site to site VPN
«
Reply #3 on:
March 05, 2024, 06:33:57 pm »
yes it is
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.7 Legacy Series
»
Problems with ipsec site to site VPN