FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
396 views 0 comments
by anonymous
Hello,

I have created a IPSEC VPN connection from RUTX50 to FritzBox using the type "client to site" with Xauth.From FritzBox I reach the WebUI of RUTX50 but from RUTX50 I cannot reach the FritzBox only ping is OK. There is a error message in the troubleshoot File in the RUTX50.

Sun Jun 25 21:54:33 2023 daemon.info ipsec: 06[CFG] selected peer config 'FW_NDHSN-FW_NDHSN_c' unacceptable
Sun Jun 25 21:54:33 2023 daemon.info ipsec: 06[CFG] no alternative config found
Sun Jun 25 21:54:33 2023 daemon.info ipsec: 06[IKE] XAuth authentication of 'ELW1' (myself) failed

I have the same secrets in FritzBox and RUTX50 for PSK and Xauth. I have attached the backup and the troubleshoot file. The FritzBox has a DYNDNS IP. The FritzBox uses :

Server : dyndns address

IPSec-ID : ELW1

Shared Secret : PSK secret

Account : ELW1

password : Xauth secret

https://community.teltonika-networks.com/56802/ipsec-vpn-rutx12-with-fritz-box-7490

I have allready tested this, but I does not work

Do you have any idea and can you help me.

Thanks

Matthias

1 Answer

0 votes
by anonymous

Hello,

It appears that there are various issues occurring with the IPsec. Sometimes the child SA is established, sometimes XAuth authentication fails, and sometimes the SA is closed due to duplicate unique IDs replacing the old SA.

It may be that the issue is with the ID selectors where the 'ELW1' ID is declared twice. I would suggest trying to use different IDs (selectors). You could also try disabling unique IDs in the '/etc/ipsec.conf' file (strongswan uniqueids here).

Additionally, you can try enabling 'compatibility mode' in the advanced IPSec settings.

Kind Regards,