
Re: EdgeRouter X site-to-site VPN NAT and L2TP


 

Hi,

 

We started from 0: we made the peers in the GUI and added extra config through the CLI. We added the remote-id, encapsulation and dead-peer-connection, but it still won't budge. It looks like they are talking to each other at the moment. We added some logs from strongSwan at the bottom, if anyone has any more ideas?

 

Remote config

ipsec {
    auto-firewall-nat-exclude enable
    esp-group FOO0 {
        lifetime 27000
        pfs disable
        proposal 1 {
            encryption aes256
            hash sha1
        }
    }
    ike-group FOO0 {
        dead-peer-detection {
            action restart
            interval 30
            timeout 120
        }
        key-exchange ikev1
        lifetime 28800
        proposal 1 {
            dh-group 2
            encryption aes256
            hash sha1
        }
    }
    site-to-site {
        peer 84.193.113.165 {
            authentication {
                id 84.192.113.134
                mode pre-shared-secret
                pre-shared-secret SECRET
                remote-id 10.69.133.7
            }
            connection-type respond
            description "VPN Site-to-Site Kobe"
            force-encapsulation enable
            ike-group FOO0
            local-address 0.0.0.0
            tunnel 1 {
                esp-group FOO0
                local {
                    prefix 192.168.20.0/24
                }
                remote {
                    prefix 10.69.133.0/24
                }
            }
        }
    }
}

 

Remote log

remote.png

Main Config

 

 ipsec {
     auto-firewall-nat-exclude enable
     esp-group FOO0 {
         lifetime 27000
         pfs disable
         proposal 1 {
             encryption aes256
             hash sha1
         }
     }
     ike-group FOO0 {
         dead-peer-detection {
             action restart
             interval 30
             timeout 120
         }
         key-exchange ikev1
         lifetime 28800
         proposal 1 {
             dh-group 2
             encryption aes256
             hash sha1
         }
     }
     site-to-site {
         peer 84.192.113.134 {
             authentication {
                 id 84.193.113.165
                 mode pre-shared-secret
                 pre-shared-secret SECRET
                 remote-id 192.168.20.1
             }
             connection-type respond
             description "VPN Site to site yoshi"
             force-encapsulation enable
             ike-group FOO0
             local-address 0.0.0.0
             tunnel 1 {
                 esp-group FOO0
                 local {
                     prefix 10.69.133.0/24
                 }
                 remote {
                     prefix 192.168.20.0/24
                 }
             }
         }
     }
 }

Main log

main.png
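
An added example, not part of the original post: a small Python check that parses two brace-style EdgeOS configs like the ones above and reports settings that do not mirror each other between the two ends (each side's remote-id against the other side's id, the tunnel 1 prefixes, and whether both ends are connection-type respond). The function names and the cut-down sample are constructed for illustration; it assumes one peer per config and that an unset connection-type means initiate.

```python
import re

def flatten(text):
    """Flatten an EdgeOS brace-style config into {'node path leaf': value}."""
    path, out = [], {}
    for tok in filter(None, (line.split() for line in text.splitlines())):
        if tok[-1] == "{":
            path.append(" ".join(tok[:-1]))
        elif tok[0] == "}":
            path.pop()
        else:
            out[" ".join(path + tok[:1])] = " ".join(tok[1:])
    return out

def peer_view(text):
    """Settings of the first site-to-site peer, keyed relative to that peer."""
    flat = flatten(text)
    pre = next(m[0] for m in (re.match(r".*site-to-site peer \S+ ", k) for k in flat) if m)
    return {k[len(pre):]: v for k, v in flat.items() if k.startswith(pre)}

def compare(a_text, b_text):
    """Return the mismatches between the two ends of one tunnel (tunnel 1 only)."""
    a, b, issues = peer_view(a_text), peer_view(b_text), []
    for x, y, name in ((a, b, "A"), (b, a, "B")):
        rid, pid = x.get("authentication remote-id"), y.get("authentication id")
        if rid and pid and rid != pid:
            issues.append(f"{name}: remote-id {rid} != id {pid} sent by peer")
        if x.get("tunnel 1 local prefix") != y.get("tunnel 1 remote prefix"):
            issues.append(f"{name}: local prefix is not the peer's remote prefix")
    # Assumption: an unset connection-type means initiate.
    if {s.get("connection-type", "initiate") for s in (a, b)} == {"respond"}:
        issues.append("both ends are 'respond': neither initiates IKE")
    return issues

# Constructed sample: the two posted configs cut down to the identity fields.
TEMPLATE = """ipsec {{
    site-to-site {{
        peer {peer} {{
            authentication {{
                id {id}
                remote-id {rid}
            }}
            connection-type respond
        }}
    }}
}}"""
REMOTE = TEMPLATE.format(peer="84.193.113.165", id="84.192.113.134", rid="10.69.133.7")
MAIN = TEMPLATE.format(peer="84.192.113.134", id="84.193.113.165", rid="192.168.20.1")
print(*compare(REMOTE, MAIN), sep="\n")
```

The full output of `show vpn` from each router can be passed to `compare()` in place of the cut-down sample; quoted descriptions and the other leaf settings are parsed but not compared.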

 

