Netgate Discussion Forum

    IPSEC pfSense - fortigate

      Nazar Shamanskyy

      Good morning,

      I have an IPsec tunnel with a client (pfSense - Fortigate).

      We are having some problems with the rekey. When the rekey occurs, there is a connection break between both ends that can sometimes last several minutes.

      After some changes at both ends these outages usually occur once a day and are not as noticeable.

      There is another problem that we are suffering, which is that on the pfSense side the tunnel drops and is not able to reconnect:
      Mar 1 12:52:07 charon 96493 09[IKE] <con2|1050> establishing IKE_SA failed, peer not responding
      Mar 1 12:52:07 charon 96493 09[IKE] <con2|1050> giving up after 5 retransmits

      At the same instant, on the Fortigate end the tunnel is still connected, as if the fw did not detect the tunnel drop, and the connection is not re-established until the Fortigate side is restarted.

      Do you know if there is a concrete/correct configuration to set up the tunnel with a Fortigate fw?

      I attach configuration images of both parts:
      pfSense:
      pf f1.png
      pf f2.png

      Fortigate:
      f f1.png
      image (2).png
      f f2.png
