Netgate Discussion Forum

    No IP refreshing on IPsec tunnels against Dynamic DNS names? x86

    2.0-RC Snapshot Feedback and Problems - RETIRED
      kaneda

      Hello boys, I had a Cisco 877 connected using IPsec against a pfSense 1.2.3 like a charm. The Cisco has a dynamic public IP that refreshes a DynDNS hostname, and I use that hostname for the config on both sides of the IPsec VPN.

      I updated to 2.0 and noticed that the tunnel config uses the IP address and doesn't refresh it. Each time it changes I have to go into Phase 1 on pfSense and save it; then in the logs I saw that it rewrites the config with the new IP, with 1 output.

      vpn_ipsec.php: The command '/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config' returned exit code '1', the output was ''

      It says that the previous IP and the new IP are the same, but I don't believe it.
      I don't know exactly what's happening, but this tunnel stops working, and with 1.2.3 it never went down.

      Has anyone experienced something like this?

        Solidus_Richard

        @kaneda:

        Hello boys, I had a Cisco 877 connected using IPsec against a pfSense 1.2.3 like a charm. The Cisco has a dynamic public IP that refreshes a DynDNS hostname, and I use that hostname for the config on both sides of the IPsec VPN.

        I updated to 2.0 and noticed that the tunnel config uses the IP address and doesn't refresh it. Each time it changes I have to go into Phase 1 on pfSense and save it; then in the logs I saw that it rewrites the config with the new IP, with 1 output.

        vpn_ipsec.php: The command '/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config' returned exit code '1', the output was ''

        It says that the previous IP and the new IP are the same, but I don't believe it.
        I don't know exactly what's happening, but this tunnel stops working, and with 1.2.3 it never went down.

        Has anyone experienced something like this?

        Hi, I have a similar problem:

        I have a pfSense 2.0-BETA4 with 1 WAN with a dynamic IP (PPPoE) and Dynamic DNS, and an IPsec site-to-site VPN with a Linksys router with a static IP.

        PFSENSE (WAN1)(dynamic IP/DNS) <----------TUNNEL---------> (Static IP)(WAN1)LINKSYS RV082

        The DynDNS updates work fine, but when I reboot the pfSense the WAN1 dynamic IP changes. The Dynamic DNS updates are OK, but the other end, the Linksys, reports that pfSense is declaring the OLD dynamic IP as its IP.

        This is a line from the Linksys log:

        We require peer to have ID '189.XXX.133.2', but peer declares '189.XXX.201.225'

        189.XXX.133.2  is the new IP
        189.XXX.201.225 is the OLD IP

        I need to re-save the phase 1 to get connected.

        Is this a bug or only a config mistake?

        Thanks in advance.

        Ricardo

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.