Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense - Web Configurator crash with 150 + ipsec tunnels

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      TheBlast
      last edited by

      Hi there,
      I'm trying to replace an old box with IPCop by a new one withe PFSense.
      Looks like a great product but one things puzzles me.
      The configuration is quite simple : two wans, Lan and DMZ, OpenVPN and 150 + Ipsec tunnels.

      With RC1, RC2 and RC3, I experienced web configurator not responding after trying to get the IPSec status.
      Restarting the weconfigurator through SSH did not help : only a reboot could do the job.

      Is there a way to debug ? Looks like a php-helper job / process which stucks the webconfigurator.

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by

        You using dyndns names for the remote endpoints? Seth has done some where in that area to ensure large scale IPsec functions, he has 400+ connections on one system all with dyndns. There are some considerations there though, like he has to make sure to use an internal DNS server that has the hostnames cached, otherwise all the DNS lookups take forever going out to the Internet.

        1 Reply Last reply Reply Quote 0
        • T Offline
          TheBlast
          last edited by

          Hi,
          yes, some tunnels are configured to use a FQDN with a domain 'hosted' by dns (with a very low TTL, making the cache useless).
          And the problem get worse when the internet line is down so you must be right.

          Thanks a lot !

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.