[Solved] - IPsec S2S with FritzBox

Hi. I'm trying to establish a connection between Sophos XG and a FritzBox 7360, but I'm facing issues.

Was anyone able to make it work? Here are some details:

CONFIG ON FRITZ BOX:

vpncfg {
    connections {
        enabled = yes;
        editable = yes;
        conn_type = conntype_lan;
        name = "212.xx.xx.xx";
        boxuser_id = 0;
        always_renew = no;
        reject_not_encrypted = no;
        dont_filter_netbios = yes;
        localip = 0.0.0.0;
        local_virtualip = 0.0.0.0;
        remoteip = 212.xx.xx.xx;
        remote_virtualip = 0.0.0.0;
        keepalive_ip = 192.168.179.2;
        localid {
            fqdn = "This was some encoded thing";
        }
        remoteid {
            ipaddr = 212.xx.xx.xx;
        }
        mode = phase1_mode_aggressive;
        phase1ss = "all/all/all";
        keytype = connkeytype_pre_shared;
        key = "MY_PSK";
        cert_do_server_auth = no;
        use_nat_t = yes;
        use_xauth = no;
        use_cfgmode = no;
        phase2localid {
            ipnet {
                ipaddr = 192.168.178.0;
                mask = 255.255.255.0;
            }
        }
        phase2remoteid {
            ipnet {
                ipaddr = 192.168.179.1;
                mask = 255.255.255.0;
            }
        }
        phase2ss = "esp-all-all/ah-none/comp-all/pfs";
        accesslist = "permit ip any 192.168.179.1 255.255.255.0";
        app_id = 0;
    }
    ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
                        "udp 0.0.0.0:4500 0.0.0.0:4500";
}

Errors from log on Sophos:

Couldn't parse IKE header from XXX.XXX.XXX.XXX[55443]. Check the debug logs.

FritzBox_IPsecS2S - Remote gateway didn't respond to the initial message 0. Check if the remote gateway is reachable. (Remote: XX.XX.XX.XX)

FritzBox_IPsecS2S_Egid-1 - IKE message (AC004800) retransmission to XX.XX.XX.XX timed out. Check if the remote gateway is reachable. (Remote: XX.XX.XX.XX

Below is what I have chosen on the FritzBox - type of VPN:

SOPHOS SITE:


