Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Tunnel mode Responder only not responding

    Scheduled Pinned Locked Moved
    IPsec
    1
    2
    88
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mcury
      last edited by mcury

      Followed the documentation exactly as described here, including timers and everything else.
      https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-s2s-psk.html

      SIDE A of the tunnel:
      Responder only
      Close connection and clear SA

      SIDE B of the tunnel:
      Default
      Restart/reconnect

      I tested with and without the Keep Alive option in the first p2 entry at the SIDE B.

      SIDE B keeps with status, connecting.
      SIDE A shows Connect P1 and P2

      The tunnel only establishes if I go to side A and click, Connect P1 and P2.

      Edit:
      Forgot to mention that SIDE A has another tunnels working in Responder only/Restart reconnect, but the remote peers are Mikrotiks.
      So, this is happening only from pfsense to pfsense.

      M 1 Reply Last reply Reply Quote 0
      • M
        mcury @mcury
        last edited by

        Fixed by inverting the roles, I suppose it was something with NAT-T, UDP port 500 unreachable.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post