IPsec 504 Gateway Time-out when applying changes with a large number of IPSec gateways/tunnels

gassyantelope · Jun 6, 2022, 1:22 PM

There seems to be a problem when trying to apply IPsec VPN changes when many VPN gateways/tunnels are added. The firewall will throw a 504 gateway time-out error and won't apply the changes on the first attempt. I have to try applying the changes 2-3 times (waiting for a timeout between each attempt) before they will finally apply. It seems to only happen once I surpass ~25 VPNs. Before that, the changes would apply fine.

There was a thread from last year (which I'm replying to with this thread) where other people were having the same problem. No solution was ever provided in that thread, yet the problem still seems to exist. Is there a solution to solve this problem?

Thanks

glreed735 · Jun 6, 2022, 1:22 PM

@gassyantelope Had this very problem with versions 2.5 and below. Version 2.6 had massive improvements to IPSEC handling in the GUI, so 2.6 resolved the issues for me.

gassyantelope · Jun 6, 2022, 9:27 PM

@glreed735 Interesting, since I'm already on 2.6 and am having problems. One thing I've noticed, since my original post, is that it seems to primarily happen when adding a new gateway or tunnel. If I edit the settings on an existing one, it applies the changes fine.

glreed735 · Jun 7, 2022, 6:55 PM

@gassyantelope Our issues was on any add or change to an IPSEC configuration. The Status, IPSEC page was very slow as well, up to a minute to load. Now loads in <1 sec. 2.6.0 definitely fixed all our IPSEC setup and modify 504 errors.