I configure a mobile client and set the pre-shared-key with the identifier. I need configure a tunnel ipsec too?
-----Original Message----- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 09, 2006 4:51 PM To: discussion@pfsense.com Subject: RE: [pfSense-discussion] Problem with ipsec It's the remote LAN that you want to reach through the tunnel at the other end. HOlger > -----Original Message----- > From: Carlos Julio Sánchez [ACC-SIS] > [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 09, 2006 11:57 PM > To: discussion@pfsense.com > Subject: RE: [pfSense-discussion] Problem with ipsec > > > If i dont have remote subnet but in the pfsense i must to > write something in > the textbox REMOTE SUBNET in the configuration of ipsec vpn. > > What I have to write in? > > -----Original Message----- > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 09, 2006 4:31 PM > To: discussion@pfsense.com > Subject: Re: [pfSense-discussion] Problem with ipsec > > On 8/9/06, Carlos Julio Sánchez [ACC-SIS] > <[EMAIL PROTECTED]> wrote: > > > > > > > > > > Hello! > > > > anybody can help me please? > > > > > > > > I have an error when I set up vpn with ipsec, my computer A > have pfsense > and > > my computer B have Centos(Linux) > > > > > > > > In the ipsec logs I have: > > > > racoon: ERROR: failed to get sainfo. > > > > racoon: ERROR: failed to get sainfo. > > > > racoon: ERROR: failed to pre-process packet. > > > > racoon: INFO: purging ISAKMP-SA > > spi=00bc15f02e56a4a5:69e1cebf2efd8757. > > > > racoon: INFO: purged ISAKMP-SA > > spi=00bc15f02e56a4a5:69e1cebf2efd8757. > > > > racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- > xxx.xxx.xxx.xxx > [500] > > spi:00bc15f02e56a4a5:69e1cebf2efd8757 > > > > > > > > in the logs of computer B I have: > > > > > > > > Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the > proper pskey, > try > > to get one by the peer's address. > > > > Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established > > xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] > > spi:00bc15f02e56a4a5:69e1cebf2efd8757 > > > > Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 > negotiation: > > xxx.xxx.xxx.xxx [0]<=> xxx.xxx.xxx.xxx [0] > > > > Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: > AH/Transport > > xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx spi=35812955(0x222765b) > > > > Aug 9 16:15:39 actibts1 racoon: WARNING: the expire > message is received > but > > the handler has not been established. > > > > Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx > give up to get > > IPsec-SA due to time up to wait. > > Double check your phase 2 settings on both hosts. There is a mismatch > somewhere. > > Scott > > __________ NOD32 1.1699 (20060809) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com
