Hello,
I created a customer VPN to site IPsec with the software Shrew VPNCLIENT V2.2.2. (For information I also used Thegreenbow and the problem is identical).
I followed the tuto at the address
https://www.shrew.net/support/Howto_m0n0wallAnd this one
http://doc.m0n0.ch/handbook/faq-muvpn.htmlThe version of MonoWall is 1.34 built on Mon Nov 12 13:17:22 CET 2012
Platform Generic PC
The IP of the Lan de MonoWall is 192.168.0.1/24
The connection does well but in the logs system of MonoWall I have the error message:
racoon: ERROR: such policy does not already exist: "192.168.0.170/32[0] 192.168.0.0/24[0] proto=any dir=in"
racoon: ERROR: such policy does not already exist: "192.168.0.0/24[0] 192.168.0.170/32[0] proto=any dir=out"
I manage to ping MonoWall but not the inside of Lan.
In "diagnoses IPSEC" on MonoWall in the tab " SAD " I have well the values:
Source Destination Protocol SPI Enc. alg. Auth. alg.
22.228.90.146 82.237.236.8 ESP 5863a4ff 3des-cbc hmac-sha1
82.237.236.8 22.228.90.146 ESP 0db808c7 3des-cbc hmac-sha1
In "diagnoses IPSEC" on MonoWall in the tab " SPD " I have well the values:
Source Destination Direction Protocol Tunnel endpoint
192.168.0.170 192.168.0.0/24 -> ESP 82.237.236.8 - 22.228.90.146
192.168.0.0/24 192.168.0.170 <- ESP 22.228.90.146 - 82.237.236.8
In " Firewall: Rules " I opened the rights on the various ports in the tab " WAN ".
Proto Source Port Destination Port Description
UDP * * Wan address 500 IPSEV ESP IKE
UDP * * Wan address 4500 IPSEC ESP NAT-T
ESP * * Wan address * IPsec ESP
In " Firewall: Rules " in the tab " IPsev VPN ", I authorized everything.
Proto Source Port Destination Port Description
* * * * * Autorisation VPN
In spite of my researches on the Internet, to make the request on the forum and all my tests, I do not manage to solve the problem (extract of the file " status.php "
http://sgraffin.free.fr/VPN_Client_to_site_Monowall_Shrew.pdf).
Do you can help me?
Thank you
Sébastien