OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • IPSEC Server
« previous next »
  • Print
Pages: [1]

Author Topic: IPSEC Server  (Read 4524 times)

Julien

  • Hero Member
  • *****
  • Posts: 666
  • Karma: 33
    • View Profile
IPSEC Server
« on: March 08, 2017, 04:26:31 pm »
Hi Guys,
I have followed the Doc to configure the IPSEC. https://docs.opnsense.org/manual/how-tos/ipsec-road.html
we have a active directory server to allow the users to access the VPN.
On the PN:IPSEC Mobile Client we used the server authentication for the Active directory we have.
the same Authentication server we use for the OPENVPN and it does works fine.
the log of the IPSEC says below.
can someone please point me to there right directions ?
Code: [Select]
Mar 8 16:20:26
charon: 09[NET] sending packet: from FIREWALL IP [4500] to WHERE I AM CONNECTING FROM [42132] (84 bytes)
Mar 8 16:20:26
charon: 09[ENC] generating INFORMATIONAL_V1 request 628088373 [ HASH N(AUTH_FAILED) ]
Mar 8 16:20:26
charon: 09[IKE] found 1 matching config, but none allows XAuthInitPSK authentication using Main Mode
Mar 8 16:20:26
charon: 09[CFG] looking for XAuthInitPSK peer configs matching FIREWALL IP ...CONNECTING FROM[192.168.19.76]
Mar 8 16:20:26
charon: 09[ENC] parsed ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Firewall rules are attached.
« Last Edit: March 08, 2017, 04:40:09 pm by Julien »
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

Julien

  • Hero Member
  • *****
  • Posts: 666
  • Karma: 33
    • View Profile
Re: IPSEC Server
« Reply #1 on: March 08, 2017, 06:05:26 pm »
I managed to get the tunnel UP and running,
the problem now is the users can't browse to the internet while connecting over the tunnel.
on the IPSEC rules we have allow any to any IPV4+6 with destination LAN net see attached but no vail,
connecting to the internet over the IPSEC does not works.
internally I can't ping the connected device IP.

Can someone please advise how to fix ?

Over the VPN I can access the firewall web interface.
is this some kind of routing issue ?

please advise
« Last Edit: March 08, 2017, 06:16:51 pm by Julien »
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

Julien

  • Hero Member
  • *****
  • Posts: 666
  • Karma: 33
    • View Profile
Re: IPSEC Server
« Reply #2 on: March 08, 2017, 07:15:15 pm »
Hi Guys,
I have done so extra research, right now from the Lan side I can ping the connected devices over the VPN, but the otherway around is not.
when I am connected with the VPN I can't ping or RDP to the devices over the LAN.
isn't this a NAT issue ? NAT is a automatic on.

Really no way has a idea what  going on ?
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023

Julien

  • Hero Member
  • *****
  • Posts: 666
  • Karma: 33
    • View Profile
Re: IPSEC Server
« Reply #3 on: March 09, 2017, 03:26:07 pm »
Can Anyone advise about this ?
we just tried a Pfsense installation and everything works out of the box with the NAT rules.
Opnsense kan never get this working,
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 17.1 Legacy Series »
  • IPSEC Server
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2