In hindsight, the error below was very easy to explain. But when you're confronted with a non-working VPN server, you're checking every error in the log. Unfortunately most errors are non-self-explanatory and when you look them up on the internet, nothing can be found.
2011-04-23 11:38:53: [192.168.0.3] ERROR: invalid flag 0x08.
A default configuration in Windows 7 will have the type of type of VPN set to "automatic". This will cause Windows to try to connect with each VPN type it supports until it has a connection. In this case, Windows will first try IKEv2, then PPTP and finally (in this case) IPSec/L2TP. This can also be
If you look this error up in Google, you get exactly 1 result. The result is a message on a board from someone who apparently has the same problem. To me, this seems very strange. As most people will use the automatic setting (since it will work in most cases), almost every racoon log will contain this error... Doesn't anybody care about errors in their logs? Or am I mistaken?
In my case, when I've got this error, It was the IKE version. I've check "auto" on Pfsense and in my racoon server, nothing specified. And I've got this error. The pfsense have an public IP and the racoon server use NAT-T because not having an public ip, it's behind a ISP router.
ReplyDelete==> to resolve this, I've force IKEv1 on PfSence and it work great, my phase1 and 2 were established. I'll post a topic on my blog http://www.monlunux.net to configure and debug a IPsec ESP tunnel when I've got more time.
Hey this post was great. Looking forward to more such posts about VPNs. Well, I have just purchased Android phone and now I have been looking for the top android vpn for china. If you have suggestions for a good one, please let me know.
ReplyDelete