authentication of '<myFirstIP>' (myself) with pre-shared key
no shared key found for '<myFirstIP>' - '<mySecondIP>'
establishing connection 'con1' failed
Forget the IPsec nonsense.
Use OpenVPN or WireGuard and be done with it.
Then, for some reason, the tunnel can only be established from one side. So either you do the hack on the other side,
or you post the config and logs.
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> no shared key found for '<meine-Heim-IP>' - '<meine-Fern-IP>'
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> authentication of '<meine-Heim-IP>' (myself) with pre-shared key
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "C=US, O=(STAGING) Let's Encrypt, CN=(STAGING) Artificial Apricot R3"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "C=US, O=Let's Encrypt, CN=R3"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "C=DE, ST=<meinLand>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=<meineFirma>-DE-CA"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "C=DE, ST=<meinBundesland>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=OpenVPN CA DE"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> sending cert request for "CN=Fake LE Intermediate X1"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> received 2 cert requests for an unknown ca
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> received cert request for "C=US, O=(STAGING) Let's Encrypt, CN=(STAGING) Artificial Apricot R3"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> received cert request for "C=US, O=Let's Encrypt, CN=R3"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> received cert request for "CN=Fake LE Intermediate X1"
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> received cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
2021-07-22T13:45:22 charon[36881] 15[CFG] <con1|31> selected proposal: IKE:3DES_CBC/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048_256
2021-07-22T13:45:22 charon[36881] 15[ENC] <con1|31> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
2021-07-22T13:45:22 charon[36881] 15[NET] <con1|31> received packet: from <meine-Fern-IP>[500] to <meine-Heim-IP>[500] (593 bytes)
2021-07-22T13:45:22 charon[36881] 15[NET] <con1|31> sending packet: from <meine-Heim-IP>[500] to <meine-Fern-IP>[500] (460 bytes)
2021-07-22T13:45:22 charon[36881] 15[ENC] <con1|31> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> initiating IKE_SA con1[31] to <meine-Fern-IP>
2021-07-22T13:45:22 charon[36881] 10[CFG] received stroke: initiate 'con1'
2021-07-22T21:44:14 charon[86343] 07[KNL] creating rekey job for CHILD_SA ESP/0xcf832cf5/<meine-Heim-IP>
2021-07-22T21:01:09 charon[86343] 11[ENC] <con1|1> parsed INFORMATIONAL response 4 [ ]
2021-07-22T21:01:09 charon[86343] 11[NET] <con1|1> received packet: from <meine-Fern-IP>[4500] to <meine-Heim-IP>[4500] (80 bytes)
2021-07-22T21:01:09 charon[86343] 11[NET] <con1|1> sending packet: from <meine-Heim-IP>[4500] to <meine-Fern-IP>[4500] (136 bytes)
2021-07-22T21:01:09 charon[86343] 11[ENC] <con1|1> generating INFORMATIONAL request 4 [ N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
2021-07-22T21:01:09 charon[86343] 11[IKE] <con1|1> sending address list update using MOBIKE
2021-07-22T21:01:09 charon[86343] 05[KNL] 192.168.5.1 appeared on ovpns1
2021-07-22T21:01:09 charon[86343] 12[KNL] interface ovpns1 activated
2021-07-22T21:01:09 charon[86343] 12[IKE] <con1|1> CHILD_SA con1{2} established with SPIs ccb36a96_i c4959463_o and TS 192.168.0.0/24 192.168.4.0/24 === 192.168.2.0/24 192.168.6.0/24
2021-07-22T21:01:09 charon[86343] 12[CFG] <con1|1> selected proposal: ESP:3DES_CBC/HMAC_SHA2_512_256/MODP_2048/NO_EXT_SEQ
2021-07-22T21:01:09 charon[86343] 12[IKE] <con1|1> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
2021-07-22T21:01:09 charon[86343] 12[ENC] <con1|1> parsed CREATE_CHILD_SA response 3 [ N(ESP_TFC_PAD_N) SA No KE TSi TSr ]
2021-07-22T21:01:09 charon[86343] 12[NET] <con1|1> received packet: from <meine-Fern-IP>[4500] to <meine-Heim-IP>[4500] (512 bytes)
2021-07-22T21:01:09 charon[86343] 12[NET] <con1|1> sending packet: from <meine-Heim-IP>[4500] to <meine-Fern-IP>[4500] (512 bytes)
2021-07-22T21:01:09 charon[86343] 12[ENC] <con1|1> generating CREATE_CHILD_SA request 3 [ N(ESP_TFC_PAD_N) SA No KE TSi TSr ]
2021-07-22T21:01:09 charon[86343] 12[IKE] <con1|1> establishing CHILD_SA con1{2}
2021-07-22T21:01:09 charon[86343] 12[ENC] <con1|1> parsed INFORMATIONAL response 2 [ ]
2021-07-22T21:01:09 charon[86343] 12[NET] <con1|1> received packet: from <meine-Fern-IP>[4500] to <meine-Heim-IP>[4500] (80 bytes)
2021-07-22T21:01:09 charon[86343] 12[CFG] received stroke: initiate 'con1'
2021-07-22T21:01:09 charon[86343] 16[CFG] added configuration 'con1'
2021-07-22T21:01:09 charon[86343] 05[NET] <con1|1> sending packet: from <meine-Heim-IP>[4500] to <meine-Fern-IP>[4500] (128 bytes)
2021-07-22T21:01:09 charon[86343] 05[ENC] <con1|1> generating INFORMATIONAL request 2 [ N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
2021-07-22T21:01:09 charon[86343] 05[IKE] <con1|1> sending address list update using MOBIKE
2021-07-22T21:01:09 charon[86343] 05[KNL] interface ovpns1 deactivated
2021-07-22T21:01:09 charon[86343] 14[KNL] 192.168.5.1 disappeared from ovpns1
2021-07-22T21:01:09 charon[86343] 16[CFG] received stroke: add connection 'con1'
2021-07-22T21:01:09 charon[86343] 14[CFG] deleted connection 'con1'
2021-07-22T21:01:09 charon[86343] 14[CFG] received stroke: delete connection 'con1'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading crls from '/usr/local/etc/ipsec.d/crls'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading attribute certificates from '/usr/local/etc/ipsec.d/acerts'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading ocsp signer certificates from '/usr/local/etc/ipsec.d/ocspcerts'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading aa certificates from '/usr/local/etc/ipsec.d/aacerts'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "C=US, O=(STAGING) Let's Encrypt, CN=(STAGING) Artificial Apricot R3" from '/usr/local/etc/ipsec.d/cacerts/d51988df.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "C=US, O=Let's Encrypt, CN=R3" from '/usr/local/etc/ipsec.d/cacerts/8d33f237.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "C=DE, ST=<meinLand>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=<meineFirma>-DE-CA" from '/usr/local/etc/ipsec.d/cacerts/0a9b39ac.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "C=DE, ST=<meinBundesland>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=OpenVPN CA DE" from '/usr/local/etc/ipsec.d/cacerts/eefe3217.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3" from '/usr/local/etc/ipsec.d/cacerts/4f06f81d.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded ca certificate "CN=Fake LE Intermediate X1" from '/usr/local/etc/ipsec.d/cacerts/0a3654cf.0.crt'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading ca certificates from '/usr/local/etc/ipsec.d/cacerts'
2021-07-22T21:01:09 charon[86343] 16[CFG] expanding file expression '/usr/local/etc/ipsec.secrets.opnsense.d/*.secrets' failed
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded IKE secret for <meine-Fern-IP>
2021-07-22T21:01:09 charon[86343] 16[CFG] loading secrets from '/usr/local/etc/ipsec.secrets'
2021-07-22T21:01:09 charon[86343] 16[CFG] rereading secrets
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> peer supports MOBIKE
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received AUTH_LIFETIME of 27868s, scheduling reauthentication in 27328s
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> CHILD_SA con1{1} established with SPIs cf832cf5_i cc71bdd2_o and TS 192.168.0.0/24 192.168.4.0/24 === 192.168.2.0/24 192.168.6.0/24
2021-07-22T21:01:06 charon[86343] 16[CFG] <con1|1> selected proposal: ESP:3DES_CBC/HMAC_SHA2_512_256/NO_EXT_SEQ
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> maximum IKE_SA lifetime 28587s
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> scheduling reauthentication in 28047s
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> IKE_SA con1[1] established between <meine-Heim-IP>[<meine-Heim-IP>]...<meine-Fern-IP>[<meine-Fern-IP>]
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> authentication of '<meine-Fern-IP>' with pre-shared key successful
2021-07-22T21:01:06 charon[86343] 16[ENC] <con1|1> parsed IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
2021-07-22T21:01:06 charon[86343] 16[NET] <con1|1> received packet: from <meine-Fern-IP>[4500] to <meine-Heim-IP>[4500] (344 bytes)
2021-07-22T21:01:06 charon[86343] 16[NET] <con1|1> sending packet: from <meine-Heim-IP>[4500] to <meine-Fern-IP>[4500] (528 bytes)
2021-07-22T21:01:06 charon[86343] 16[ENC] <con1|1> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> establishing CHILD_SA con1{1}
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> authentication of '<meine-Heim-IP>' (myself) with pre-shared key
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "C=US, O=(STAGING) Let's Encrypt, CN=(STAGING) Artificial Apricot R3"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "C=US, O=Let's Encrypt, CN=R3"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "C=DE, ST=<meinLand>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=<meineFirma>-DE-CA"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "C=DE, ST=<meinBundesland>, L=<meineStadt>, O=<meineFirma>, E=info@<meineFirma>.de, CN=OpenVPN CA DE"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> sending cert request for "CN=Fake LE Intermediate X1"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received 2 cert requests for an unknown ca
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received cert request for "C=US, O=(STAGING) Let's Encrypt, CN=(STAGING) Artificial Apricot R3"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received cert request for "C=US, O=Let's Encrypt, CN=R3"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received cert request for "CN=Fake LE Intermediate X1"
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> received cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
2021-07-22T21:01:06 charon[86343] 16[CFG] <con1|1> selected proposal: IKE:3DES_CBC/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048_256
2021-07-22T21:01:06 charon[86343] 16[ENC] <con1|1> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
2021-07-22T21:01:06 charon[86343] 16[NET] <con1|1> received packet: from <meine-Fern-IP>[500] to <meine-Heim-IP>[500] (593 bytes)
2021-07-22T21:01:06 charon[86343] 15[NET] <con1|1> sending packet: from <meine-Heim-IP>[500] to <meine-Fern-IP>[500] (460 bytes)
2021-07-22T21:01:06 charon[86343] 15[ENC] <con1|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
2021-07-22T21:01:06 charon[86343] 15[IKE] <con1|1> initiating IKE_SA con1[1] to <meine-Fern-IP>
2021-07-22T21:01:06 charon[86343] 15[CFG] received stroke: initiate 'con1'
2021-07-22T21:01:06 charon[86343] 05[CFG] added configuration 'con1'
2021-07-22T21:01:06 charon[86343] 05[CFG] received stroke: add connection 'con1'
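Added example, not part of any post in this thread: a Python triage pass over charon log entries in the format shown above. It groups entries by daemon PID and IKE_SA tag, then reports a missing pre-shared key, successful PSK authentication, and negotiated algorithms on a deny list. The `triage` function, the `WEAK` list (an assumed local policy) and the sample addresses (documentation ranges) are constructed for illustration.

```python
import re

# Constructed sample in the log format from this thread (newest entry first).
SAMPLE_LOG = """\
2021-07-22T21:01:09 charon[86343] 16[CFG] loaded IKE secret for 203.0.113.20
2021-07-22T21:01:06 charon[86343] 16[CFG] <con1|1> selected proposal: ESP:3DES_CBC/HMAC_SHA2_512_256/NO_EXT_SEQ
2021-07-22T21:01:06 charon[86343] 16[IKE] <con1|1> authentication of '203.0.113.20' with pre-shared key successful
2021-07-22T21:01:06 charon[86343] 16[CFG] <con1|1> selected proposal: IKE:3DES_CBC/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048_256
2021-07-22T13:45:22 charon[36881] 15[IKE] <con1|31> no shared key found for '198.51.100.10' - '203.0.113.20'
2021-07-22T13:45:22 charon[36881] 15[CFG] <con1|31> selected proposal: IKE:3DES_CBC/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_2048_256
"""

# timestamp, charon[pid], thread[subsystem], optional <conn|id> tag, message
ENTRY = re.compile(
    r"^(?P<ts>\S+) charon\[(?P<pid>\d+)\] \d+\[(?P<sub>[A-Z]+)\] "
    r"(?:<(?P<sa>[^>]+)> )?(?P<msg>.*)$")
NO_PSK = re.compile(r"no shared key found for '([^']+)' - '([^']+)'")
PROPOSAL = re.compile(r"selected proposal: (IKE|ESP):(\S+)")
# Assumption: a local deny list; extend it to match your own crypto policy.
WEAK = {"DES_CBC", "3DES_CBC", "MODP_768", "MODP_1024"}


def triage(log_text):
    """Map (pid, sa_tag) -> findings for every IKE_SA seen in the log."""
    result = {}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m or not m["sa"]:
            continue  # entries without an SA tag (CFG/KNL housekeeping)
        rec = result.setdefault(
            (m["pid"], m["sa"]),
            {"psk_missing": None, "auth_ok": False, "weak": set()})
        msg = m["msg"]
        if (k := NO_PSK.search(msg)):
            rec["psk_missing"] = k.groups()  # (local ID, remote ID)
        elif "with pre-shared key successful" in msg:
            rec["auth_ok"] = True
        elif (p := PROPOSAL.search(msg)):
            rec["weak"].update(
                f"{p.group(1)}:{a}" for a in p.group(2).split("/") if a in WEAK)
    return result


if __name__ == "__main__":
    for (pid, sa), rec in triage(SAMPLE_LOG).items():
        print(pid, sa, rec)
```

The identity pair reported under `psk_missing` is the pair the daemon tried to match against its loaded secrets, so it is the pair to compare with the entries in the secrets file.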