Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Fix IPSEC or have IPSEC and Wireguard setups at the same time?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Fix IPSEC or have IPSEC and Wireguard setups at the same time? (Read 1022 times)
Pocket_Sevens
Jr. Member
Posts: 73
Karma: 2
Fix IPSEC or have IPSEC and Wireguard setups at the same time?
«
on:
March 01, 2024, 05:58:06 pm »
Good day all.
I have an existing IPSEC VPN roadwarrior setup (way back from OPNSense 21) that's working perfectly for iOS, macOS and Windows devices without issue (currently on 24.1.2).
I'm trying to connect a Linux laptop to the VPN while on the road. I've made sure the authentication is correct and the pre-shared key is attatched to the config. However, the linux machine will not connect via VPN. I keep getting the following error:
"09[IKE]<5>found 1 matching config, but none allows pre-shared key authentication using Main Mode".
Reading the guides, it looks like the IPSEC setup instructions have been updated. Wondering if updating my existing setup to the "new" guide will help solve the issue.
The other option is to setup a Wireguard VPN just for the linux laptop. Can I still keep the exiting IPSEC setup for the iOS/macOS/Windows machines while still having a separate Wireguard setup for the linux machine? I plan on having the Wireguard addresses on a separate subnet so we don't conflict with the existing IPSEC config. I just want to make sure I'm going to create more issues by having 2 different VPN protocols.
Thank you in advance for your help.
Logged
schnipp
Sr. Member
Posts: 371
Karma: 19
Re: Fix IPSEC or have IPSEC and Wireguard setups at the same time?
«
Reply #1 on:
March 05, 2024, 04:44:43 pm »
Of course, IPsec and wireguard can run in parallel.
The strongswan log message looks like you had setup multiple roadwarrior connections in Opnsense?
Logged
OPNsense 24.7.1-amd64
Pocket_Sevens
Jr. Member
Posts: 73
Karma: 2
Re: Fix IPSEC or have IPSEC and Wireguard setups at the same time?
«
Reply #2 on:
March 13, 2024, 08:40:51 pm »
Hey schnipp. Thanks for the reply.
I only have one roadwarrior definition setup in OpnSense following the guides from a few years ago when I set it up. Being I'm new to IPSEC and strongswan, I couldn't tell you what the message means. That's why I was wondering if my IPSEC definitions need to be updated based on the updated guide; or, to go the Wireguard route just for the Linux machine.
Logged
schnipp
Sr. Member
Posts: 371
Karma: 19
Re: Fix IPSEC or have IPSEC and Wireguard setups at the same time?
«
Reply #3 on:
March 17, 2024, 02:12:36 pm »
Without posting the full configuration of both endpoints and further log details it's really difficult to analyse. Maybe, the configured Roadwarrior connection in the Opnsense uses IKEv2 and you are trying to connect via IKEv1.
Logged
OPNsense 24.7.1-amd64
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Fix IPSEC or have IPSEC and Wireguard setups at the same time?