I create local address and mark connection so that all traffic goes through the tunnel. Nothing special - I just follow the instructions from the article of ProtonVPN mentioned above. But there's no problem to share other settings with you. I've posted only ipsec as I thought all other is irrelevant, yes. The "Proton VPN CA" certificate must be in your router's certificate store in order that the router could verify validity of the certificate presented by the ProtonVPN responder. One unrelated remark, there is no point in specifying the certificate in the identity as you authenticate to the responder using a username and password. ![]() To me, the issue with mangle rules seems most likely, but as you've decided to post only the part of the configuration you assumed to be relevant, I can't say that for sure. something has changed about the contents in the first IKEv2 packet between ROS 6 and ROS 7 so ProtonVPN ignores it.something is wrong at the responder (ProtonVPN) side. ![]() ![]() a firewall issue at your end (if you use mangle rules, these two points may actually be one as the interpretation of the routing-mark has changed somewhere between ROS 7.1 and ROS 7.6, so the response from the responder may get diverted). ![]() There is no response from the remote IPsec responder in the log.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |