Ipsec

Started by vadimkara, July 12, 2016, 03:06:01 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
October 13, 2016, 03:45:53 PM #15
Let's help out ;)

Commit:

https://github.com/opnsense/core/commit/5dc95bac

Command:

# opnsense-patch 5dc95bac


Cheers,
Franco
October 14, 2016, 05:45:58 PM #16
Hi,

I have applied patch. From the gui side everything looks good.
When I tried to connect I have got the following error: Error Description: 13801: IKE authentication credentials are unacceptable. I didn't have a chance to go over my config and certificates. I will do that on this weekend and try to figure out what is the cause of that.

Thank you,
Andrei
October 15, 2016, 02:50:35 AM #17
Hi,

After some testing with Windows 7 and StrongSwan android client I am getting the same error on both.
Please see attached final part of the Log. What could be the problem? Anyone has any suggestions?

Thank you,
Andrei
October 17, 2016, 07:39:54 AM #18
Hi Andrei,

EAP is working, but the verify against the certificate/chain does not.


Cheers,
Franco
October 17, 2016, 09:13:40 PM #19
Hi Franco,

What do you think causing this behavior? Opensense implementation of the StrongSwan or wrong configuration on my side? I have checked my certificates few times and they look ok. I have followed pfsense guide https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2 for setting this connection. I will try to recreate same config on pfsense to see the logs and compare, will also post opnsense generated file config vs pfsense for same scenario.

Thank you,
Andrei
Print
Go Up Pages 1 2
User actions