|
||||||||
Holger Bauer napisa³(a): > Use different identifiers for your tunnels (preshared keys, not interface IP). Then the m0n0 can divide the 2 sessions and it will work. Thanks all for reply. Now I have some time without user-payload to deeper check this way. Problem solved: Do not use "Main mode" in m0n0walls with more than 1 ipsec tunnel. When switched in aggressive mode it works well. = some logs = Algoritm seems to put in infinitive loop at: racoon: debug: resend phase1 packet ef9e996e2c71d85c:fb17820d2ea8188e racoon: debug: get pfkey acquire message racoon: debug: ignore the acquire because ph2 found racoon: debug: get pfkey acquire message racoon: debug: ignore the acquire because ph2 found >From diagnostic ipsec: SAD: No IPsec security associations SPD with 4 directions (two tunnels) seems ok. Regards Krzysztof |