Hello,
I'm trying to use an IPsec VPN between two boxes (connected over the Internet):
Box 1 = m0n0wall v1.3 (soekris net4501)
Box 2 = pfSense v1.2.3 (Alix 2D3)
I have some problems on the m0n0wall box (box 1).
Here is my IPsec config:
Mode --> Tunnel
Disabled --> Not set (!^^)
Interface --> WAN
NAT-T --> Not set
DPD interval seconds --> Not set (blank)
Local subnet --> Network (192.168.11.0/24)
Remote subnet --> 192.168.10.0/24
Remote gateway --> <remote_wan_ip>
--
Phase 1 proposal (Authentication)
--
Negotiation mode --> main
My identifier --> My IP address
Encryption algorithm --> 3DES
Hash algorithm --> SHA1
DH key group --> 2
Lifetime seconds --> Not set (blank)
Authentication method --> Pre-Shared Key
Pre-Shared Key --> <my_pre_shared_key>
Certificate --> Not set (Blank)
Key --> Not set (Blank)
Peer certificate --> Not set (Blank)
--
Phase 2 proposal (SA/Key Exchange)
--
Protocol --> ESP
*Encryption algorithms*
DES --> Not set
3DES --> Set
Blowfish --> Set
CAST128 --> Not set
Rijndael (AES) --> Not set
*Hash algorithms*
SHA1 --> Set
MD5 --> Set
PFS key group --> off
Lifetime --> Not set (blank)
---
When I look into the logs, I get "racoon: ERROR: couldn't find configuration":
[...]
Feb 24 16:08:33 last message repeated 17 times
Feb 24 15:58:03 last message repeated 16 times
Feb 24 15:48:14 last message repeated 3 times
Feb 24 15:46:13 racoon: ERROR: couldn't find configuration.
Feb 24 15:45:33 racoon: ERROR: couldn't find configuration.
Feb 24 15:44:55 racoon: INFO: 192.168.11.1[500] used for NAT-T
Feb 24 15:44:55 racoon: INFO: 192.168.11.1[500] used as isakmp port (fd=10)
Feb 24 15:44:55 racoon: INFO: 127.0.0.1[500] used for NAT-T
Feb 24 15:44:55 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=9)
Feb 24 15:44:55 racoon: INFO: <my_ip>[500] used for NAT-T
Feb 24 15:44:55 racoon: INFO: <my_ip>[500] used as isakmp port (fd=8)
Feb 24 15:44:55 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
Feb 24 15:44:55 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
[...]
Of course, there is nothing in the logs on Box 2...
I think the problem comes from Box 1; I restarted it a few times, but still the same error...
Note: I recently upgraded my box 1 from m0n0wall v1.235 to v1.3 (embedded img)
What's the problem?
Thx all