Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
ipsec ike1 hybrid-rsa xauth failed #4438
« previous
next »
Print
Pages: [
1
]
Author
Topic: ipsec ike1 hybrid-rsa xauth failed #4438 (Read 2387 times)
gratuxri
Newbie
Posts: 3
Karma: 0
ipsec ike1 hybrid-rsa xauth failed #4438
«
on:
November 04, 2020, 11:00:12 am »
Hello, my issue on
https://github.com/opnsense/core/issues/4438
was marked as support, I try here now:
I have followed howto at
https://docs.opnsense.org/manual/how-tos/ipsec-road.html
and
https://docs.opnsense.org/manual/how-tos/ipsec-rw-srv-ikev1xauth.html
as a result working ipsec ike1 hybrid-rsa xauth, but without working xauth authentication.
Here are some logs with replaced ${USER}, ${FQDN}
2020-11-02T00:25:07 | charon[38591] | 15[IKE] <con1|3> XAuth authentication of '${USER}' failed
2020-11-02T00:25:07 | charon[38591] | 15[IKE] <con1|3> no XAuth secret found for '${FQDN}' - '${USER}'
After adding to /usr/local/etc/ipsec.secrets.opnsense.d/user.secrets lines like
[ <servername> ] <username> : XAUTH "<password>"
It works correctly.
Any ideas on which place it's going wrong?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: ipsec ike1 hybrid-rsa xauth failed #4438
«
Reply #1 on:
November 04, 2020, 01:45:46 pm »
The compatability matrix doesnt list any supported client, so it's not verified to work. Why so you not choose anything more compatible?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
gratuxri
Newbie
Posts: 3
Karma: 0
Re: ipsec ike1 hybrid-rsa xauth failed #4438
«
Reply #2 on:
November 06, 2020, 04:45:31 pm »
I choose this setup, because every android phone support this without extra software + no rollout for certificates is needed and you can use just letencrypt certificate. This 3 arguments is very important for me. And yes, I know, that it's not very secure, but it's just handy.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
ipsec ike1 hybrid-rsa xauth failed #4438