I can't figure out how to make an OpenBSD VPN work. I followed the guide at
[1] to set up a VPN, modified the network interface there to tun0 instead of
pppoe0, and didn't configure the pf.conf. When I tried to connect from Win10
using the "L2TP/IPsec with pre-shared key" VPN type I see the issues below in
phase 2:

Thanks
Sebastian

[1] http://blog.fuckingwith.it/2015/08/openbsd-l2tpipsec-vpn-works-with.html

    Aug  3 responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:13 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:14 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:14 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:15 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:15 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:18 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:18 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:25 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:25 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:40 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:40 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:17:55 fw isakmpd[7947]: responder_recv_HASH_SA_NONCE: peer proposed invalid phase 2 IDs: initiator id 192.168.0.129, responder id 192.168.0.253
    Aug  3 11:17:55 fw isakmpd[7947]: dropped message from 192.168.0.129 port 500 due to notification type INVALID_ID_INFORMATION
    Aug  3 11:18:38 fw isakmpd[7947]: transport_send_messages: giving up on exchange peer-default, no response from peer 192.168.0.129:500
