[ previous ] [ next ] [ threads ]
 
 From:  Marc Berthold <ber at fmx dot ch>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSec tunnel between m0n0wall and pfSense
 Date:  Wed, 08 Jun 2005 09:57:32 +0200
Hi,
I'm tring to build a IPSec tunel between a m0n0wall and pfSense.
Both have static IPs.
On the 2 side the seting are the same.

It fail somehow in the phase2 but I can understand why.

Here are the log from the pfSense (IP 213.39.112.30):
Jun 8 07:53:47 	racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate 
new phase 2 negotiation: 213.39.112.30[0]<=>62.50.75.5[0]
Jun 8 07:53:43 	racoon: ERROR: pfkey.c:804:pfkey_timeover(): 62.50.75.5 
give up to get IPsec-SA due to time up to wait.
Jun 8 07:53:13 	racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate 
new phase 2 negotiation: 213.39.112.30[0]<=>62.50.75.5[0]



This is the log of the m0n0wall (IP 62.50.75.5):
Jun 8 07:47:56 	racoon: ERROR: isakmp.c:1073:isakmp_ph2begin_r(): failed 
to pre-process packet.
Jun 8 07:47:56 	racoon: ERROR: isakmp_quick.c:1046:quick_r1recv(): 
failed to get sainfo.
Jun 8 07:47:56 	racoon: ERROR: isakmp_quick.c:1812:get_sainfo_r(): 
failed to get sainfo.
Jun 8 07:47:56 	racoon: INFO: isakmp.c:1059:isakmp_ph2begin_r(): respond 
new phase 2 negotiation: 62.50.75.5[0]<=>213.39.112.30[0]



I used the same IP's with 2 m0n0wall and the tunnel came up fine !
Is there a knowed issue with ipsec between m0n0wall and pfSense ?

Has anybody a idea ?

Cheers,
Marc Berthold


-- 

#include <standard.disclaimer>
Berthold Marc, Rolle, Switzerland

// Computers are only interesting when they go wrong,
// otherwise it's just like watching television !!!