The two are already communicating with each other, but the OPNsense rejects the connection.
The log on the OPNsense shows the following during the connection attempt:
2020-09-03T12:43:27 charon: 05[NET] <10355> sending packet: from XX.XXX.123.62[500] to XXX.X.212.211[500] (80 bytes)
2020-09-03T12:43:27 charon: 05[ENC] <10355> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
2020-09-03T12:43:27 charon: 05[CFG] <10355> no matching peer config found
2020-09-03T12:43:27 charon: 05[CFG] <10355> looking for peer configs matching XX.XXX.123.62[%any]...XXX.X.212.211[vpn@domain.de]
2020-09-03T12:43:27 charon: 05[ENC] <10355> parsed IKE_AUTH request 1 [ SA IDi AUTH TSi TSr N(INIT_CONTACT) ]
2020-09-03T12:43:27 charon: 05[NET] <10355> received packet: from XXX.X.212.211[500] to XX.XXX.123.62[500] (240 bytes)
2020-09-03T12:43:27 charon: 05[NET] <10355> sending packet: from XX.XXX.123.62[500] to XXX.X.212.211[500] (493 bytes)
2020-09-03T12:43:27 charon: 05[ENC] <10355> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(CHDLESS_SUP) N(MULT_AUTH) ]
2020-09-03T12:43:27 charon: 05[IKE] <10355> sending cert request for "C=DE, ST=North Rhine-Westphalian, L=Detmold, O=COMPANY-NAME, E=info@domain.de, CN=vpn_mwd"
2020-09-03T12:43:27 charon: 05[IKE] <10355> sending cert request for "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"
2020-09-03T12:43:27 charon: 05[CFG] <10355> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
2020-09-03T12:43:27 charon: 05[IKE] <10355> XXX.X.212.211 is initiating an IKE_SA
2020-09-03T12:43:27 charon: 05[IKE] <10355> received FRAGMENTATION vendor ID
2020-09-03T12:43:27 charon: 05[ENC] <10355> parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) V ]
2020-09-03T12:43:27 charon: 05[NET] <10355> received packet: from XXX.X.212.211[500] to XX.XXX.123.62[500] (476 bytes)