I am trying to make an IPsec tunnel between my pfSense box and my friend's UDM Pro. We are struggling to get it to connect. We had to go with IKEv1 and AES. If we tried to go with AES 256 and above, pfSense wants to use GCM and the UDM-Pro wants to use AES-CBC.
Aug 3 14:00:45 charon 2089415 [CFG] <138> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Aug 3 14:00:45 charon 2089415 [CFG] <138> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Once we have a connection, we are unable to have traffic pass through the connection. It is a bit difficult with the very limited configuration options in the UDM Pro interface.
Any ideas or thoughts?
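
An added example, not part of the original post: a small Python script that parses charon "configured proposals" / "received proposals" lines like the two quoted above and lists the transform types for which the two sides share no algorithm. The function names and the prefix-based classification of transform names are assumptions of this example.

```python
import re

# Constructed sample: the two charon lines from the post, columns separated.
SAMPLE_LOG = """\
Aug 3 14:00:45 charon 2089415 [CFG] <138> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Aug 3 14:00:45 charon 2089415 [CFG] <138> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
"""

LINE_RE = re.compile(r"(configured|received) proposals: (.+)$")
KINDS = ("encr", "integ", "prf", "dh")


def classify(token):
    """Map one transform name to its type (prefix heuristic, an assumption)."""
    if token.startswith("PRF_"):
        return "prf"
    if token.startswith(("MODP_", "ECP_", "CURVE_")):
        return "dh"
    if token.startswith(("HMAC_", "AES_XCBC", "AES_CMAC")):
        return "integ"
    return "encr"


def parse_proposals(text):
    """Return one {type: set(names)} dict per comma-separated proposal."""
    proposals = []
    for prop in text.split(", "):
        _proto, _, transforms = prop.partition(":")
        parsed = {}
        for tok in transforms.split("/"):
            parsed.setdefault(classify(tok), set()).add(tok)
        proposals.append(parsed)
    return proposals


def mismatches(log):
    """List (type, configured, received) where the sides share no algorithm."""
    seen = {"configured": [], "received": []}
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            seen[m.group(1)].extend(parse_proposals(m.group(2).strip()))
    report = []
    for ours in seen["configured"]:
        for theirs in seen["received"]:
            for kind in KINDS:
                a, b = ours.get(kind, set()), theirs.get(kind, set())
                # AEAD ciphers such as GCM carry no separate integrity
                # transform, so an empty "integ" side follows from "encr".
                if (a or b) and a.isdisjoint(b):
                    report.append((kind, sorted(a), sorted(b)))
    return report


if __name__ == "__main__":
    for kind, ours, theirs in mismatches(SAMPLE_LOG):
        print(f"{kind}: configured={ours} received={theirs}")
```
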