DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
draytek - setting up IPsec client
- robina80
- Topic Author
- Offline
- New Member
Less
More
- Posts: 9
- Thank you received: 0
23 Oct 2015 12:36 #84600
by robina80
draytek - setting up IPsec client was created by robina80
hi all.
i have set up the IPsec server on my pfsense and can connect to it using my mobile using 3G no problem
but trouble is on the draytek when i want to create a IPsec client, i cant as is doesnt ask me anywhere on the configuration page to enter a username password (it is greyed out), it asks for the pre shared key which is good but not the username password
does anyone know how you can do it please
many thanks
rob
i have set up the IPsec server on my pfsense and can connect to it using my mobile using 3G no problem
but trouble is on the draytek when i want to create a IPsec client, i cant as is doesnt ask me anywhere on the configuration page to enter a username password (it is greyed out), it asks for the pre shared key which is good but not the username password
does anyone know how you can do it please
many thanks
rob
Please Log in or Create an account to join the conversation.
- robina80
- Topic Author
- Offline
- New Member
Less
More
- Posts: 9
- Thank you received: 0
25 Oct 2015 11:15 #84616
by robina80
Replied by robina80 on topic Re: draytek - setting up IPsec client
dont worry i have set up L2TP/IPsec server on my pfsense firewall and i have set up L2TP/IPsec client on the draytek router and it works
Please Log in or Create an account to join the conversation.
- robina80
- Topic Author
- Offline
- New Member
Less
More
- Posts: 9
- Thank you received: 0
27 Oct 2015 16:54 #84632
by robina80
Replied by robina80 on topic Re: draytek - setting up IPsec client
it connects as i can see it in status > ipsec but it connects briefly, here are the logs for ipsec, if anyone would help me out as i dont understand it-
Oct 27 15:39:07 charon: 08[NET] <con1|196> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (92 bytes)
Oct 27 15:39:07 charon: 08[ENC] <con1|196> parsed INFORMATIONAL_V1 request 4068196451 [ HASH D ]
Oct 27 15:39:07 charon: 08[IKE] <con1|196> received DELETE for IKE_SA con1[196]
Oct 27 15:39:07 charon: 08[IKE] <con1|196> deleting IKE_SA con1[196] between 193.203.70.61[193.203.70.61]...217.138.11.250[ipsec@molinare.co.uk ]
Oct 27 15:39:10 charon: 11[NET] <197> received packet: from 217.138.11.250[500] to 193.203.70.61[500] (492 bytes)
Oct 27 15:39:10 charon: 11[ENC] <197> parsed AGGRESSIVE request 0 [ SA KE No ID V V V V V V ]
Oct 27 15:39:10 charon: 11[IKE] <197> received DPD vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> received NAT-T (RFC 3947) vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> 217.138.11.250 is initiating a Aggressive Mode IKE_SA
Oct 27 15:39:10 charon: 11[CFG] <197> looking for pre-shared key peer configs matching 193.203.70.61...217.138.11.250[ipsec@molinare.co.uk ]
Oct 27 15:39:10 charon: 11[CFG] <197> selected peer config "con1"
Oct 27 15:39:10 charon: 11[ENC] <con1|197> generating AGGRESSIVE response 0 [ SA KE No ID NAT-D NAT-D HASH V V V V ]
Oct 27 15:39:10 charon: 11[NET] <con1|197> sending packet: from 193.203.70.61[500] to 217.138.11.250[500] (408 bytes)
Oct 27 15:39:10 charon: 07[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (100 bytes)
Oct 27 15:39:10 charon: 07[ENC] <con1|197> parsed AGGRESSIVE request 0 [ HASH NAT-D NAT-D ]
Oct 27 15:39:10 charon: 07[IKE] <con1|197> IKE_SA con1[197] established between 193.203.70.61[193.203.70.61]...217.138.11.250[ipsec@molinare.co.uk ]
Oct 27 15:39:10 charon: 07[IKE] <con1|197> scheduling reauthentication in 2608s
Oct 27 15:39:10 charon: 07[IKE] <con1|197> maximum IKE_SA lifetime 3148s
Oct 27 15:39:10 charon: 07[IKE] <con1|197> local host is behind NAT, sending keep alives
Oct 27 15:39:10 charon: 07[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (172 bytes)
Oct 27 15:39:10 charon: 07[ENC] <con1|197> parsed QUICK_MODE request 1103200867 [ HASH SA No ID ID ]
Oct 27 15:39:10 charon: 07[IKE] <con1|197> no matching CHILD_SA config found
Oct 27 15:39:10 charon: 07[ENC] <con1|197> generating INFORMATIONAL_V1 request 797536767 [ HASH N(INVAL_ID) ]
Oct 27 15:39:10 charon: 07[NET] <con1|197> sending packet: from 193.203.70.61[4500] to 217.138.11.250[4500] (76 bytes)
Oct 27 15:39:13 charon: 13[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (172 bytes)
Oct 27 15:39:07 charon: 08[NET] <con1|196> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (92 bytes)
Oct 27 15:39:07 charon: 08[ENC] <con1|196> parsed INFORMATIONAL_V1 request 4068196451 [ HASH D ]
Oct 27 15:39:07 charon: 08[IKE] <con1|196> received DELETE for IKE_SA con1[196]
Oct 27 15:39:07 charon: 08[IKE] <con1|196> deleting IKE_SA con1[196] between 193.203.70.61[193.203.70.61]...217.138.11.250[
Oct 27 15:39:10 charon: 11[NET] <197> received packet: from 217.138.11.250[500] to 193.203.70.61[500] (492 bytes)
Oct 27 15:39:10 charon: 11[ENC] <197> parsed AGGRESSIVE request 0 [ SA KE No ID V V V V V V ]
Oct 27 15:39:10 charon: 11[IKE] <197> received DPD vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> received NAT-T (RFC 3947) vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Oct 27 15:39:10 charon: 11[IKE] <197> 217.138.11.250 is initiating a Aggressive Mode IKE_SA
Oct 27 15:39:10 charon: 11[CFG] <197> looking for pre-shared key peer configs matching 193.203.70.61...217.138.11.250[
Oct 27 15:39:10 charon: 11[CFG] <197> selected peer config "con1"
Oct 27 15:39:10 charon: 11[ENC] <con1|197> generating AGGRESSIVE response 0 [ SA KE No ID NAT-D NAT-D HASH V V V V ]
Oct 27 15:39:10 charon: 11[NET] <con1|197> sending packet: from 193.203.70.61[500] to 217.138.11.250[500] (408 bytes)
Oct 27 15:39:10 charon: 07[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (100 bytes)
Oct 27 15:39:10 charon: 07[ENC] <con1|197> parsed AGGRESSIVE request 0 [ HASH NAT-D NAT-D ]
Oct 27 15:39:10 charon: 07[IKE] <con1|197> IKE_SA con1[197] established between 193.203.70.61[193.203.70.61]...217.138.11.250[
Oct 27 15:39:10 charon: 07[IKE] <con1|197> scheduling reauthentication in 2608s
Oct 27 15:39:10 charon: 07[IKE] <con1|197> maximum IKE_SA lifetime 3148s
Oct 27 15:39:10 charon: 07[IKE] <con1|197> local host is behind NAT, sending keep alives
Oct 27 15:39:10 charon: 07[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (172 bytes)
Oct 27 15:39:10 charon: 07[ENC] <con1|197> parsed QUICK_MODE request 1103200867 [ HASH SA No ID ID ]
Oct 27 15:39:10 charon: 07[IKE] <con1|197> no matching CHILD_SA config found
Oct 27 15:39:10 charon: 07[ENC] <con1|197> generating INFORMATIONAL_V1 request 797536767 [ HASH N(INVAL_ID) ]
Oct 27 15:39:10 charon: 07[NET] <con1|197> sending packet: from 193.203.70.61[4500] to 217.138.11.250[4500] (76 bytes)
Oct 27 15:39:13 charon: 13[NET] <con1|197> received packet: from 217.138.11.250[4500] to 193.203.70.61[4500] (172 bytes)
Please Log in or Create an account to join the conversation.
Moderators: Sami
Copyright © 2024 DrayTek