Error creating a IKEV2 vpn to Lancom Gateway

luggio · February 15, 2024, 9:24am

Hello!
I’m trying to connect a RUTX09 to a Lancom ISG-5000 gateway.
Ikev2 with FQDN and preshared key.

I’ve always connected only Lancom router to the gateway, all fine

With Rutx09 i get authentication failed but i cant find the error.
This is the router VPN log
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 13[CFG] received stroke: initiate ‘test-test_c’
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 13[IKE] <test-test_c|60> initiating IKE_SA test-test_c[60] to Gatewayip
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 13[ENC] <test-test_c|60> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 13[NET] <test-test_c|60> sending packet: from Mypublicip[500] to Gatewayip[500] (960 bytes)
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[NET] <test-test_c|60> received packet: from Gatewayip[500] to Mypublicip[500] (495 bytes)
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[ENC] <test-test_c|60> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HASH_ALG) N(FRAG_SUP) CERTREQ V ]
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[ENC] <test-test_c|60> received unknown vendor ID: 81:75:2e:b5:91:4d:73:5c:df:cd:c8:58:c3:a8:ed:7c:1c:66:d1:42
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[CFG] <test-test_c|60> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[IKE] <test-test_c|60> local host is behind NAT, sending keep alives
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[IKE] <test-test_c|60> received 1 cert requests for an unknown ca
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[IKE] <test-test_c|60> authentication of ‘FQDN’ (myself) with pre-shared key
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[IKE] <test-test_c|60> establishing CHILD_SA test-test_c{60}
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[ENC] <test-test_c|60> generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 12[NET] <test-test_c|60> sending packet: from Mypublicip[4500] to Gatewayip[4500] (451 bytes)
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 06[NET] <test-test_c|60> received packet: from Gatewayip[4500] to Mypublicip[4500] (65 bytes)
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 06[ENC] <test-test_c|60> parsed IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Thu Feb 15 08:57:55 2024 daemon.info ipsec: 06[IKE] <test-test_c|60> received AUTHENTICATION_FAILED notify error

Do you have any idea?

Thanks in advance

system · March 1, 2024, 9:25am

This topic was automatically closed after 15 days. New replies are no longer allowed.