Firewall blocking connexions via IPSec

[joshYarnspinner]

...

[joshYarnspinner]

Anyone?

[jdubjr]

On the firewall, your port numbers look ok except for one. Double check they are the correct protocol too.

UDP - 500
UDP - 4500
TCP - 443
TCP - 992
TCP - 1194
TCP - 5555

Your symptoms sound like ports 500 and 4500 are not UDP.

[joshYarnspinner]

jdubjr wrote:
> On the firewall, your port numbers look ok except for one. Double check
> they are the correct protocol too.
>
> UDP - 500
> UDP - 4500
> TCP - 443
> TCP - 992
> TCP - 1194
> TCP - 5555
>
> Your symptoms sound like ports 500 and 4500 are not UDP.
They are all TCP/UDP

[jdubjr]

Have you tried setting the RPi as the DMZ host in your Super Hub 2?

[jdubjr]

One difference I see between your config and mine is I have:

bool L2TP_Raw false

I'm pretty sure you don't want that set to true. That would be an unencrypted connection.

[joshYarnspinner]

jdubjr wrote:
> Have you tried setting the RPi as the DMZ host in your Super Hub 2?
Yes. Didn't work. Also the L2TP thing has been changed I don't think it affects whether I'm able to connect.

[joshYarnspinner]

Any other suggestions? I've checked and made sure all the ports are forwarded etc... also disabled the L2TP thing.

[jdubjr]

Any clues in the packet logs on the VPN server? If not, I would do a wireshark capture next.

[jdubjr]

Seen this tutorial?

http://tomearp.blogspot.com/2013/11/set ... ether.html

[joshYarnspinner]

jdubjr wrote:
> Seen this tutorial?
>
>
> http://tomearp.blogspot.com/2013/11/set ... ether.html

Yes, I followed it to set up the Pi. I'm attempting to get the logs out right now but I am not sure which ones to take out.

[thisjun]

Please show a log around connecting time.

[joshYarnspinner]

...

[thisjun]

In the log, user name "temporary_session" is used for auth.
Is it correct? Is there the user name on a RADIUS?