IPSec and Windows File Sharing
-
Doesn't sound familair. I've got IPsec connections going every which way on 1.2.3 even with mobile clients and they all work fine without any manual intervention.
Is there anything in the log at all when the connections stop working? Does checking "prefer old IPsec SA" under advanced make any difference?
Can you give me some direction where to check for logs about this problem ? I've just checked prefer old IPSec SA and will test it all night. Thanks again for your replies !
-
See how that test goes and if that doesn't help, you might want to adjust some of your key lifetimes to be a bit longer, and make sure they are not set to the same value.
-
So far so good - still got tunnel and/or if it goes off just one ping or other request brings it back on which is great. Testing continue… But i still have problems with mobile client. Which values do you mean NOT to be the same ?
-
The phase 1 and phase 2 lifetimes.
-
Nope, not the same 28800 phase 1 and 86400 phase 2. Mobile client continue with hanging. More interesting is that the client is connected but no transfer. When i check the mobile client it's status is connected when i try ping - request timed out.
-
OK, after a couple of days testing vpn between the two pfsense boxes work perfect, but i still have problems with vpn client. Any ideas about that ?
-
Please help with the mobile clients… Still connection go to sleep after while... It's says it's connected to one of the pfsense boxes and it's working, but it connects to the other one and it's says it's connected and not working ?! Any ideas would be great... Thanks in advance guys....
-
OpenVPN is a more reliable mobile solution and without the limitations of the IPsec implementation. I would switch the mobile clients to OpenVPN.
-
So is it possible to have OpenVPN and IPSec running at the same time ?
-
Yes
-
Thanks for your reply. If i check the status it says it's connected but it's actually not. Restarting racoon helps for bringing it back on. I have also tried something else on other remote machine.
This is the EXACT problem I am haivng with my setup. My message is posted with the subject, "IPsec tunnel randomly drops."
There is nothing in the IPsec logs that indicates the tunnel is down, but all data stops passing. Just like yours, the tunnel shows to be up.
Kind regards,
-=Zapped=- -
Well i have this problem only with mobile clients. Site-to-site is working great. I did setup OpenVPN for mobile client now and it is working but the connection is really slow when i'm accessing files through share. ???
-
Are you using TCP or UDP for your OpenVPN tunnel? If you're using TCP, change it to UDP and see if that fixes your issue. Turning compression on can help as well. Otherwise, consider the size of the pipe you're using and what its upload speed is. I had an executive who was trying to work on a shared 3 gig file across a tunnel complain about how slow it was, which is true since he only had a 512k upload.
-
Thanks submicron UDP did solve the problem. I'm using it to access mdb file like 5mb not 3GB :) from time to time. I'm going to use this thread to ask another question - I have two pfsense boxes IPSec site-to-site and it's working ok - 192.168.1.0 and 192.168.2.0. I'm connecting OpenVPN Mobile Client(192.168.3.0) to site 1 (192.168.1.0) and it's working ok too. Can i route somehow site2 (192.168.2.0) to access OpenVPN client ?
