Hi list, since the update to 4.3 I have a problem with my IPSec configuration. I use it to secure my WLAN and it worked fine until the update.

These are the ipsec.conf's:

Notebook:

    ike esp from 10.0.1.100 to 0.0.0.0 peer 10.0.1.254
    ike esp from 10.0.1.100 to 10.0.1.254

AP:

    ike passive esp from 0.0.0.0/0 to 10.0.1.100 peer 10.0.1.100

The keys are where they have to be:

Notebook:

    # ls /etc/isakmpd/pubkeys/ipv4
    10.0.1.254

AP:

    # ls /etc/isakmpd/pubkeys/ipv4
    10.0.1.100

First I thought it was a problem with my pf.conf, but I made a simple "pass all" with no effect.

This is what the logfiles say:

Notebook:

    isakmpd[28139]: rsa_sig_decode_hash: no public key found
    isakmpd[28139]: dropped message from 10.0.1.254 port 500 due to notification type INVALID_ID_INFORMATION

AP:

    isakmpd[3588]: transport_send_messages: giving up on exchange peer-10.0.1.100, no response from peer 10.0.1.100:500

I searched for INVALID_ID_INFORMATION and found that the AP sends the wrong ID. But why? With little hope I forced both IKEs to use only IPv4, of course with no effect.

So what am I doing wrong? Did something change between 4.2 and 4.3 with IPSec and I didn't get it?

BTW, unencrypted WLAN works fine.

Thank you & best regards
Jochen Fabricius