Project

General

Profile

Issue #3427

IPsec/IKEv2 not working with PSK after update from 5.8.2 to 5.8.4 on pfSense

Added by sblinov sblinov 6 months ago. Updated about 1 month ago.

Status:
Closed
Priority:
Normal
Category:
configuration
Affected version:
5.8.4
Resolution:
No change required

Description

Hello guys, please help!
I have updated pfSense instance with new Strongswan version 5.8.4 and it affected me previously worked configuration for IPSec/ IKEv2 with PSK key. All attempts to connect was failed.
I used IKEV2 IPSEc auth via PSK key
My log:
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> no shared key found for '161.35.142.86' - 'macbook'
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP4_ADDRESS attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP4_NETMASK attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP4_DHCP attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP4_DNS attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP6_ADDRESS attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP6_DHCP attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_IP6_DNS attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> processing INTERNAL_DNS_DOMAIN attribute
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> peer supports MOBIKE
Apr 26 08:44:08 charon 37755 14[ENC] <con-mobile|2> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Apr 26 08:44:08 charon 37755 14[NET] <con-mobile|2> sending packet: from 161.35.142.864500 to 46.133.78.23141912 (68 bytes)
Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> IKE_SA con-mobile2 state change: CONNECTING => DESTROYING

History

#1 Updated by Tobias Brunner 6 months ago

  • Tracker changed from Bug to Issue
  • Category set to configuration
  • Status changed from New to Feedback
  • Start date deleted (27.04.2020)

Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> no shared key found for '161.35.142.86' - 'macbook'

Fix your config. Also see HelpRequests.

#2 Updated by sblinov sblinov 6 months ago

Tobias Brunner wrote:

Apr 26 08:44:08 charon 37755 14[IKE] <con-mobile|2> no shared key found for '161.35.142.86' - 'macbook'

Fix your config. Also see HelpRequests.

Config is correct PSK key was added with correct identifier like ip address, I have tried change it and create new, but it not working.

#3 Updated by Tobias Brunner 6 months ago

Config is correct PSK key was added with correct identifier like ip address, I have tried change it and create new, but it not working.

Please contact the pfSense developers about this.

#4 Updated by Tobias Brunner about 1 month ago

  • Status changed from Feedback to Closed
  • Assignee set to Tobias Brunner
  • Resolution set to No change required

Also available in: Atom PDF