|
|
RE: Problem with ipsec: msg#00010security.firewalls.pfsense.user
It's the remote LAN that you want to reach through the tunnel at the other end. HOlger > -----Original Message----- > From: Carlos Julio Sánchez [ACC-SIS] > [mailto:jsanchez@xxxxxxxxxxxxxxxxxxxxxx] > Sent: Wednesday, August 09, 2006 11:57 PM > To: discussion@xxxxxxxxxxx > Subject: RE: [pfSense-discussion] Problem with ipsec > > > If i dont have remote subnet but in the pfsense i must to > write something in > the textbox REMOTE SUBNET in the configuration of ipsec vpn. > > What I have to write in? > > -----Original Message----- > From: Scott Ullrich [mailto:sullrich@xxxxxxxxx] > Sent: Wednesday, August 09, 2006 4:31 PM > To: discussion@xxxxxxxxxxx > Subject: Re: [pfSense-discussion] Problem with ipsec > > On 8/9/06, Carlos Julio Sánchez [ACC-SIS] > <jsanchez@xxxxxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > > > > Hello! > > > > anybody can help me please? > > > > > > > > I have an error when I set up vpn with ipsec, my computer A > have pfsense > and > > my computer B have Centos(Linux) > > > > > > > > In the ipsec logs I have: > > > > racoon: ERROR: failed to get sainfo. > > > > racoon: ERROR: failed to get sainfo. > > > > racoon: ERROR: failed to pre-process packet. > > > > racoon: INFO: purging ISAKMP-SA > > spi=00bc15f02e56a4a5:69e1cebf2efd8757. > > > > racoon: INFO: purged ISAKMP-SA > > spi=00bc15f02e56a4a5:69e1cebf2efd8757. > > > > racoon: INFO: ISAKMP-SA deleted xxx.xxx.xxx.xxx [500]- > xxx.xxx.xxx.xxx > [500] > > spi:00bc15f02e56a4a5:69e1cebf2efd8757 > > > > > > > > in the logs of computer B I have: > > > > > > > > Aug 9 16:15:08 actibts1 racoon: NOTIFY: couldn't find the > proper pskey, > try > > to get one by the peer's address. > > > > Aug 9 16:15:08 actibts1 racoon: INFO: ISAKMP-SA established > > xxx.xxx.xxx.xxx[500]-xxx.xxx.xxx.xxx[500] > > spi:00bc15f02e56a4a5:69e1cebf2efd8757 > > > > Aug 9 16:15:09 actibts1 racoon: INFO: initiate new phase 2 > negotiation: > > xxx.xxx.xxx.xxx [0]<=> xxx.xxx.xxx.xxx [0] > > > > Aug 9 16:15:39 actibts1 racoon: INFO: IPsec-SA expired: > AH/Transport > > xxx.xxx.xxx.xxx -> xxx.xxx.xxx.xxx spi=35812955(0x222765b) > > > > Aug 9 16:15:39 actibts1 racoon: WARNING: the expire > message is received > but > > the handler has not been established. > > > > Aug 9 16:15:39 actibts1 racoon: ERROR: xxx.xxx.xxx.xxx > give up to get > > IPsec-SA due to time up to wait. > > Double check your phase 2 settings on both hosts. There is a mismatch > somewhere. > > Scott > > |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Problem with ipsec: 00010, Chris Buechler |
|---|---|
| Next by Date: | RE: Problem with ipsec: 00010, Carlos Julio Sánchez [ACC-SIS] |
| Previous by Thread: | Re: Problem with ipseci: 00010, Chris Buechler |
| Next by Thread: | RE: Problem with ipsec: 00010, Carlos Julio Sánchez [ACC-SIS] |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |