|
||||||||
Hi Marc, I already have tested a Tunnel between pfsense and m0n0 between static and dynamic IP (with mobile client) and it worked for me without any issue. However, this was some versions ago. Can you please provide which versions of m0n0 and pfSense you are using for testing? I can try this setup then this evening at home. Holger -----Ursprüngliche Nachricht----- Von: Marc Berthold [mailto:ber at fmx dot ch] Gesendet: Mittwoch, 8. Juni 2005 09:58 An: m0n0wall at lists dot m0n0 dot ch Betreff: [m0n0wall] IPSec tunnel between m0n0wall and pfSense Hi, I'm tring to build a IPSec tunel between a m0n0wall and pfSense. Both have static IPs. On the 2 side the seting are the same. It fail somehow in the phase2 but I can understand why. Here are the log from the pfSense (IP 213.39.112.30): Jun 8 07:53:47 racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2 negotiation: 213.39.112.30[0]<=>62.50.75.5[0] Jun 8 07:53:43 racoon: ERROR: pfkey.c:804:pfkey_timeover(): 62.50.75.5 give up to get IPsec-SA due to time up to wait. Jun 8 07:53:13 racoon: INFO: isakmp.c:952:isakmp_ph2begin_i(): initiate new phase 2 negotiation: 213.39.112.30[0]<=>62.50.75.5[0] This is the log of the m0n0wall (IP 62.50.75.5): Jun 8 07:47:56 racoon: ERROR: isakmp.c:1073:isakmp_ph2begin_r(): failed to pre-process packet. Jun 8 07:47:56 racoon: ERROR: isakmp_quick.c:1046:quick_r1recv(): failed to get sainfo. Jun 8 07:47:56 racoon: ERROR: isakmp_quick.c:1812:get_sainfo_r(): failed to get sainfo. Jun 8 07:47:56 racoon: INFO: isakmp.c:1059:isakmp_ph2begin_r(): respond new phase 2 negotiation: 62.50.75.5[0]<=>213.39.112.30[0] I used the same IP's with 2 m0n0wall and the tunnel came up fine ! Is there a knowed issue with ipsec between m0n0wall and pfSense ? Has anybody a idea ? Cheers, Marc Berthold -- #include <standard.disclaimer> Berthold Marc, Rolle, Switzerland // Computers are only interesting when they go wrong, // otherwise it's just like watching television !!! ____________ Virus checked by G DATA AntiVirusKit |