
I can't get my VPN connection between a FortiGate 7 and a pfSense working. The problem seems to be on the FortiGate side, with these logs:

ike 0:IPSec StS:276: sent IKE msg (AUTH): 10.10.1.1:4500-><IP1>:4500, len=240, vrf=0, id=407f40ef0690ff0a/7b6f6360ee2cc308:00000001
ike 0: comes <IP1>:4500->10.10.1.1:4500,ifindex=17,vrf=0....
ike 0: IKEv2 exchange=AUTH_RESPONSE id=407f40ef0690ff0a/7b6f6360ee2cc308:00000001 len=224
ike 0: in 407F40EF0690FF0A7B6F6360EE2CC3082E20232000000001000000E0240000C4655D8C2EAE4B581BA67351B090C85346E33D0EC7D0B5871252888DF9C4CB91310834577968DF715412F3CCA068364AAA57733D8365221D840BA518781B4DC8BFC45BC5C585456C04C5AC239AF66F8845E82B36A08D9B462FE32DCE2F4C7B824418B9AF39C24EE1FCC6E738171008D23EA5457B9DD2D6890E3DFE2F7D6E4B2E71F844810298617FCE8D36AFA8EF2F07DFDB49DE680F2D1C75ABAC4A2E133F20DC29C8303D521CA1B3F9ACB798BCA385B6FE80AF70889A747B3024D146AE2CE3B4
ike 0:IPSec StS:276: dec 407F40EF0690FF0A7B6F6360EE2CC3082E20232000000001000000B8240000042700000C010000009750C1BA29000028020000001A86002A5332CB855F5C928F3C4D28A6401CF9882A70B78E0C2963FB03BBBFF6210000080000400A2C00002C0000002801030403C23701D70300000C0100000C800E0080030000080300000C00000008050000002D00001801000000070000100000FFFF0A1400000A1403FF0000001801000000070000100000FFFF0A1416000A1416FF
ike 0:IPSec StS:276: initiator received AUTH msg
ike 0:IPSec StS:276: peer identifier IPV4_ADDR <IP1>
ike 0:IPSec StS:276: auth verify done
ike 0:IPSec StS:276: initiator AUTH continuation
ike 0:IPSec StS:276: authentication failed

On the pfSense, the logs are:

Aug 2 18:13:03  charon  94066   14[IKE] <con1|274> authentication of '10.10.1.1' with pre-shared key successful
Aug 2 18:13:03  charon  94066   14[IKE] <con1|274> authentication of '<<IP_1>>' (myself) with pre-shared key
Aug 2 18:13:03  charon  94066   14[IKE] <con1|274> successfully created shared key MAC
Aug 2 18:13:03  charon  94066   14[IKE] <con1|273> destroying duplicate IKE_SA for peer '10.10.1.1', received INITIAL_CONTACT
Aug 2 18:13:03  charon  94066   14[IKE] <con1|273> IKE_SA con1[273] state change: ESTABLISHED => DESTROYING
Aug 2 18:13:03  charon  94066   14[CHD] <con1|273> CHILD_SA con1{274} state change: INSTALLED => DESTROYING

I investigated a lot, but it seems that the FortiGate does not give any explanation like "probable pre-shared key mismatch".

Thanks for your help.

PLASSE M.

1 Answer


In fact, I have two site-to-site VPNs on the pfSense. It seems it uses the 1st StS pre-shared key in the second one. No idea why, but the problem is located.

PLASSE M.
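
As an added illustration (not part of the original post or answer, and not FortiGate or pfSense code), this Python example follows the IKEv2 pre-shared-key AUTH computation from RFC 7296 section 2.15 to show how a responder that verifies with one key but signs with another gives the pattern in the logs above: the responder reports success while the initiator reports "authentication failed". HMAC-SHA256 as the PRF, the random stand-in messages, nonces and SK_p keys, the 192.0.2.1 placeholder for <IP1>, and all function names are assumptions.

```python
import hashlib
import hmac
import os

KEY_PAD = b"Key Pad for IKEv2"  # constant from RFC 7296, section 2.15


def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: the negotiated PRF is HMAC-SHA256 (the page does not say).
    return hmac.new(key, data, hashlib.sha256).digest()


def psk_auth(psk: bytes, signed_octets: bytes) -> bytes:
    # AUTH = prf(prf(Shared Secret, "Key Pad for IKEv2"), <SignedOctets>)
    return prf(prf(psk, KEY_PAD), signed_octets)


def signed_octets(own_first_msg: bytes, peer_nonce: bytes,
                  sk_p: bytes, id_payload_body: bytes) -> bytes:
    # SignedOctets = own IKE_SA_INIT message | peer nonce | prf(SK_p, ID body)
    return own_first_msg + peer_nonce + prf(sk_p, id_payload_body)


def simulate(initiator_psk: bytes, responder_verify_psk: bytes,
             responder_sign_psk: bytes) -> tuple:
    """Return (responder_accepts_initiator, initiator_accepts_responder)."""
    # Constructed stand-ins for the real exchange material.
    msg1, msg2 = os.urandom(64), os.urandom(64)
    ni, nr = os.urandom(32), os.urandom(32)
    sk_pi, sk_pr = os.urandom(32), os.urandom(32)
    # ID body = ID type (1 = ID_IPV4_ADDR) | 3 reserved bytes | address
    id_i = b"\x01\x00\x00\x00" + bytes([10, 10, 1, 1])   # 10.10.1.1
    id_r = b"\x01\x00\x00\x00" + bytes([192, 0, 2, 1])   # placeholder for <IP1>

    octets_i = signed_octets(msg1, nr, sk_pi, id_i)
    octets_r = signed_octets(msg2, ni, sk_pr, id_r)

    # Responder checks the initiator's AUTH with the key it selected for verify.
    auth_i = psk_auth(initiator_psk, octets_i)
    responder_ok = hmac.compare_digest(
        auth_i, psk_auth(responder_verify_psk, octets_i))
    # Responder builds its own AUTH with the key it selected for signing.
    auth_r = psk_auth(responder_sign_psk, octets_r)
    initiator_ok = hmac.compare_digest(
        auth_r, psk_auth(initiator_psk, octets_r))
    return responder_ok, initiator_ok


if __name__ == "__main__":
    print(simulate(b"tunnel2-psk", b"tunnel2-psk", b"tunnel1-psk"))
```

Each direction is authenticated independently, so a "pre-shared key successful" line on the responder says nothing about the key it used for its own AUTH payload.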