IPsec ikev2 med radius autentisering
Hej,
har lite problem att få igång detta på min pfsense
detta är vad jag hittar i loggen:
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received cert request for unknown ca with keyid 11:11:11:11:11:11:1
Nov 12 09:30:01
charon
12[IKE] <47> received 52 cert requests for an unknown ca
Nov 12 09:30:01
charon
12[CFG] <47> looking for peer configs matching XX.XX.XX.XX[%any]...XX.XX.XX.XX[XX.XX.XX.XX]
Nov 12 09:30:01
charon
12[CFG] <47> candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 12 09:30:01
charon
12[CFG] <con-mobile|47> selected peer config 'con-mobile'
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> initiating EAP_IDENTITY method (id 0x00)
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP4_ADDRESS attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP4_DNS attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP4_NBNS attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP4_SERVER attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP6_ADDRESS attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP6_DNS attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> processing INTERNAL_IP6_SERVER attribute
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> peer supports MOBIKE
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> authentication of 'vpn.domain.com' (myself) with RSA signature successful
Nov 12 09:30:01
charon
12[IKE] <con-mobile|47> sending end entity cert "CN=vpn.domain.com, C=SE, ST=XXXXX, L=XXX, O=XXXXXXX"
Nov 12 09:30:01
charon
12[ENC] <con-mobile|47> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Nov 12 09:30:01
charon
12[ENC] <con-mobile|47> splitting IKE message (1664 bytes) into 2 fragments
Nov 12 09:30:01
charon
12[ENC] <con-mobile|47> generating IKE_AUTH response 1 [ EF(1/2) ]
Nov 12 09:30:01
charon
12[ENC] <con-mobile|47> generating IKE_AUTH response 1 [ EF(2/2) ]
Nov 12 09:30:01
charon
12[NET] <con-mobile|47> sending packet: from XX.XX.XX.XX[4500] to XX.XX.XX.XX[3141] (1236 bytes)
Nov 12 09:30:01
charon
12[NET] <con-mobile|47> sending packet: from XX.XX.XX.XX[4500] to XX.XX.XX.XX[3141] (500 bytes)
Nov 12 09:30:31
charon
12[JOB] <con-mobile|47> deleting half open IKE_SA with XX.XX.XX.XX after timeout
Nov 12 09:30:31
charon
12[IKE] <con-mobile|47> IKE_SA con-mobile[47] state change: CONNECTING => DESTROYING
Settings:
stage2:
Förslag på vad jag missar?
på datorn får jag: IKE authentication credentials are unacceptable felmeddelandet
Citera om du vill ha svar :)
