Problems after 2.2.1 upgrade not passing traffic after rekeying

lw9474

Upgraded 20 something routers.  Some connect to Pfsenese 2.15 end point some connect to Astaro end point.  Remote sites have same problem.  After key life time expires they show as up (both ends under ip sec status) but they will not pass any traffic.  The only resolution is to down tunnel under status and then reconnect.  This is a widespread problem throughout the population of routers that were upgraded.  If anyone has a suggestion let us know.  Thanks.

STI2011

Same problem here between pfSense and Clavister.  :(

skolic

Having same issues here. pfSense creates a new tunnel every fews seconds now. I've tested with IKEv1 and IKEv2. Same results. Any suggestions? Got this after updating to 2.2 and 2.2.1. No change in the last update.

Ruddimaster

I have this issue too.
Its growing sometimes the amount of SPI connection with the state "Rekey: active".
net.key.preferred_oldsa patch already installed.

Ruddimaster

just in this moment:

IPSec was established, but no packet went through.
pfsense_IPSEC-ReKeying_1.jpg

after approx 40 minutes packets went through again, but there are still to many Phase 2 tunnels up….
pfsense_IPSEC-ReKeying_2.jpg

Ruddimaster

… after reconnect (stop button)... it looks fine again...

kitdavis

That is exactly the same problem that I was having.  Once I installed the oldsa patch the problem went completely away.  I was loosing the tunnels several times a day but since installing the patch on Wednesday, the tunnels have been up continuously.  Did you upgrade from 2.2 or from a 2.1x installation?

I also note that you did report that traffic started flowing after some 40 minutes.  My experience with the problem was that once the problem occurred traffic did not flow again until some event caused the tunnels to be completely rebuilt.  Do you see anything in the log (on either end) around the time the connection started working on its own?

Ruddimaster

Hi
@kitdavis:

Did you upgrade from 2.2 or from a 2.1x installation?

Yes, upgrade from 2.1.5 directly to 2.2.1
btw. I have a CARP-Cluster

Patch already on both machines installed and completely rebooted.

Now I have a tunnel witch does not come back..
Here I have approx 50 entries for the same subnet and the state "Rekey: active"

@kitdavis:

Do you see anything in the log (on either end) around the time the connection started working on its own?

This is the log from the other end (Sophos)

015:04:08-08:42:35 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1173: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:42:36 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1171: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
2015:04:08-08:42:36 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1171: starting keying attempt 180 of an unlimited number
2015:04:08-08:42:36 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1176: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #1171 {using isakmp#15}
2015:04:08-08:42:37 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1176: peer client ID returned doesn't match my proposal
2015:04:08-08:42:37 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1176: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:42:39 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1174: peer client ID returned doesn't match my proposal
2015:04:08-08:42:39 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1174: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:42:46 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #15: ignoring informational payload, type INVALID_HASH_INFORMATION
2015:04:08-08:42:54 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1175: peer client ID returned doesn't match my proposal
2015:04:08-08:42:54 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1175: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:43:06 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1176: peer client ID returned doesn't match my proposal
2015:04:08-08:43:06 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1176: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:43:11 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1172: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
2015:04:08-08:43:11 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1172: starting keying attempt 184 of an unlimited number
2015:04:08-08:43:11 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1177: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #1172 {using isakmp#15}
2015:04:08-08:43:12 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1177: peer client ID returned doesn't match my proposal
2015:04:08-08:43:12 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1177: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:43:15 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1173: max number of retransmissions (2) reached STATE_QUICK_I1
2015:04:08-08:43:15 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1173: starting keying attempt 190 of an unlimited number
2015:04:08-08:43:15 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1178: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP to replace #1173 {using isakmp#15}
2015:04:08-08:43:15 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1178: peer client ID returned doesn't match my proposal
2015:04:08-08:43:15 VPN1 [26730]: "S_REF_iZBHPvPFxu_0" #1178: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:08-08:43:19 VPN1 [26730]: "S_REF_iZBHPvPFxu_1" #1174: max number of retransmissions (2) reached STATE_QUICK_I1.  No acceptable response to our first Quick Mode message: perhaps peer likes no proposal

-> this messages loops

From my site the log (stronswan) is useless (Thread already opened)

Ruddimaster

Hello,

at night an other tunnel was going down.

Also Sophos:

2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length: 32
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    transform number: 1
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    transform ID: AES_CBC
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: KEY_LENGTH
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 256
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: AUTH_ALGORITHM
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 7
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    [7 is HMAC_SHA2_512]
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: GROUP_DESCRIPTION
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 15
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    [15 is MODP_3072]
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: ENCAPSULATION_MODE
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 1
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    [1 is ENCAPSULATION_MODE_TUNNEL]
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: SA_LIFE_TYPE
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 1
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    [1 is SA_LIFE_TYPE_SECONDS]
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | ******parse ISAKMP IPsec DOI attribute:
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    af+type: SA_LIFE_DURATION
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: |    length/value: 3600
2015:04:09-08:08:55 VPN-Router-2 pluto[19193]: | kernel_alg_esp_enc_ok(12,256): alg_id=12, alg_ivlen=8, alg_minbits=128, alg_maxbits=256, res=0, ret=1
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | our client is subnet 10.15.1.0/24
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | our client protocol/port is 0/0
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | peer client is subnet 0.0.0.0/0
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | peer client protocol/port is 0/0
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: "S_REF_IpsSitS2sintrabi_0" #1384: peer client ID returned doesn't match my proposal
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: "S_REF_IpsSitS2sintrabi_0" #1384: sending encrypted notification INVALID_ID_INFORMATION to xxx.xxx.xxx.xxx:500
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | **emit ISAKMP Message:
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    initiator cookie:
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |   82 4e 24 97  2d 64 22 57
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    responder cookie:
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |   88 a3 33 40  36 b2 c2 3b
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    next payload type: ISAKMP_NEXT_HASH
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    ISAKMP version: ISAKMP Version 1.0
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    exchange type: ISAKMP_XCHG_INFO
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    flags: ISAKMP_FLAG_ENCRYPTION
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    message ID:  a3 29 8b ea
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | ***emit ISAKMP Hash Payload:
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    next payload type: ISAKMP_NEXT_N
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | emitting 64 zero bytes of HASH into ISAKMP Hash Payload
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | emitting length of ISAKMP Hash Payload: 68
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | ***emit ISAKMP Notification Payload:
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    next payload type: ISAKMP_NEXT_NONE
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    DOI: ISAKMP_DOI_IPSEC
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    protocol ID: 1
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    SPI size: 0
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: |    Notify Message Type: INVALID_ID_INFORMATION
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | emitting 0 raw bytes of spi into ISAKMP Notification Payload
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | spi
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | emitting length of ISAKMP Notification Payload: 12
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | emitting length of ISAKMP Message: 108
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | state transition function for STATE_QUICK_I1 failed: INVALID_ID_INFORMATION
2015:04:09-08:08:56 VPN-Router-2 pluto[19193]: | next event EVENT_RETRANSMIT in 7 seconds for #1383

on my side I have approx 40 child SA entries. It seems that the expired tunnel does not remove.

lw9474

Check the new sticky note about prefer older SA

cmb

Anyone who's seeing rekeying issues along these lines, please upgrade to 2.2.2 and report back. In addition to the prefer old SAs fix, the version of strongswan has been upgraded, among the other IPsec improvements.

Anyone who can replicate problems along these lines with SAs piling up on 2.2.2, please PM me, it's not something that's easily replicable that I've seen and I want to make sure any outstanding issues get fixed.

Dadoo

I'm not sure this is the same problem, but we've upgraded to 2.2.2 and we're still having an issue that appears to be related to rekeying. (The issue seemed to start when we upgraded to 2.2.1.) I was able to work around the problem by checking the "Disable rekey" IPsec phase 1 option, but I wonder how much security we're losing, as a result.

We've got a peer-to-peer VPN connection to a vendor that's using a Cisco firewall, and they had a process that needed an uninterrupted connection to one of our servers for about 36 hours. The problem was that, after an hour or two, the connection would drop and the process would need to be started over. Using couple of scripts I wrote, I discovered that, every hour or two, I would receive no ping replies for 20-30 seconds, and those times lined up with times the pfSense was rekeying the connection. (The IPsec log contained the line "creating rekey job for ESP CHILD_SA with SPI".)

I've read that the most recent version of pfSense can hide the rekeying time, as long as you're using IKEv2. We're using IKEv1, so I've emailed the administrator for the remote firewall to make that change, but he hasn't got back to me, yet.

Ruddimaster

Hello,

Now I have updated my CARP-Cluster to 2.2.2 and I have still this issue!! >:(
Since the change to strongswan, the main component of a firewall is awful in any partitions.
The log ist still unreadable. At racoon century I was able to explain the network administrator on the other site what was going wrong. Now I ask the same administrator to send me his logfiles for troubleshooting. This is so frustrating.
At the past I could count on that no underdone main module were implemented.

Here my log (dump)… Sorry.. I am not able to filter the important parts because I does not know which entry belongs to which tunnel.

Apr 25 16:33:07 	charon: 09[ENC] <con18|474>parsed INFORMATIONAL response 119 [ ]
Apr 25 16:33:07 	charon: 09[NET] <con18|474>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (96 bytes)
Apr 25 16:33:07 	charon: 09[ENC] <con12000|4>parsed INFORMATIONAL_V1 request 1564653583 [ HASH N(DPD_ACK) ]
Apr 25 16:33:07 	charon: 09[NET] <con12000|4>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:33:07 	charon: 09[NET] <con12000|4>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:33:07 	charon: 09[ENC] <con12000|4>generating INFORMATIONAL_V1 request 118977497 [ HASH N(DPD) ]
Apr 25 16:33:07 	charon: 09[IKE] <con12000|4>sending DPD request
Apr 25 16:33:07 	charon: 09[IKE] <con12000|4>sending DPD request
Apr 25 16:33:07 	charon: 09[NET] <con15|29>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (80 bytes)
Apr 25 16:33:07 	charon: 09[ENC] <con15|29>generating INFORMATIONAL response 46 [ ]
Apr 25 16:33:07 	charon: 09[ENC] <con15|29>parsed INFORMATIONAL request 46 [ ]
Apr 25 16:33:07 	charon: 09[NET] <con15|29>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (80 bytes)
Apr 25 16:33:06 	charon: 09[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:06 	charon: 09[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:06 	charon: 09[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI b9c00479
Apr 25 16:33:06 	charon: 09[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI b9c00479
Apr 25 16:33:06 	charon: 09[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 3119178486 [ HASH D ]
Apr 25 16:33:06 	charon: 09[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:33:06 	charon: 09[NET] <con18|474>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (96 bytes)
Apr 25 16:33:06 	charon: 09[ENC] <con18|474>generating INFORMATIONAL request 119 [ ]
Apr 25 16:33:06 	charon: 09[IKE] <con18|474>sending DPD request
Apr 25 16:33:06 	charon: 09[IKE] <con18|474>sending DPD request
Apr 25 16:33:04 	charon: 06[ENC] <con20000|648>parsed INFORMATIONAL_V1 request 2197749233 [ HASH N(DPD_ACK) ]
Apr 25 16:33:04 	charon: 06[NET] <con20000|648>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (140 bytes)
Apr 25 16:33:04 	charon: 06[NET] <con20000|648>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (140 bytes)
Apr 25 16:33:04 	charon: 06[ENC] <con20000|648>generating INFORMATIONAL_V1 request 349939385 [ HASH N(DPD) ]
Apr 25 16:33:04 	charon: 06[IKE] <con20000|648>sending DPD request
Apr 25 16:33:04 	charon: 06[IKE] <con20000|648>sending DPD request
Apr 25 16:33:04 	charon: 06[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:04 	charon: 06[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:04 	charon: 06[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 378d036a
Apr 25 16:33:04 	charon: 06[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 378d036a
Apr 25 16:33:04 	charon: 06[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 1152623439 [ HASH D ]
Apr 25 16:33:04 	charon: 06[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:33:04 	charon: 10[ENC] <con17000|241>parsed INFORMATIONAL_V1 request 3703510351 [ HASH N(DPD_ACK) ]
Apr 25 16:33:04 	charon: 10[NET] <con17000|241>received packet: from zzz.zzz.zzz.zzz[4500] to my.local.pfsense.IP[4500] (140 bytes)
Apr 25 16:33:04 	charon: 10[NET] <con17000|241>sending packet: from my.local.pfsense.IP[4500] to zzz.zzz.zzz.zzz[4500] (140 bytes)
Apr 25 16:33:04 	charon: 10[ENC] <con17000|241>generating INFORMATIONAL_V1 request 1792492415 [ HASH N(DPD) ]
Apr 25 16:33:04 	charon: 10[IKE] <con17000|241>sending DPD request
Apr 25 16:33:04 	charon: 10[IKE] <con17000|241>sending DPD request
Apr 25 16:33:03 	charon: 10[NET] <con23000|27>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:33:03 	charon: 10[ENC] <con23000|27>generating INFORMATIONAL_V1 request 1349975187 [ HASH N(DPD_ACK) ]
Apr 25 16:33:03 	charon: 10[ENC] <con23000|27>parsed INFORMATIONAL_V1 request 1558984787 [ HASH N(DPD) ]
Apr 25 16:33:03 	charon: 10[NET] <con23000|27>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:33:03 	charon: 10[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:03 	charon: 10[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:03 	charon: 10[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 000c2541
Apr 25 16:33:03 	charon: 10[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 000c2541
Apr 25 16:33:03 	charon: 10[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 2617589153 [ HASH D ]
Apr 25 16:33:03 	charon: 10[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:33:02 	charon: 09[NET] <con3000|240>sending packet: from my.local.pfsense.IP[4500] to zzz.zzz.zzz.zzz[4500] (140 bytes)
Apr 25 16:33:02 	charon: 09[ENC] <con3000|240>generating INFORMATIONAL_V1 request 2996761664 [ HASH N(DPD_ACK) ]
Apr 25 16:33:02 	charon: 09[ENC] <con3000|240>parsed INFORMATIONAL_V1 request 636958179 [ HASH N(DPD) ]
Apr 25 16:33:02 	charon: 09[NET] <con3000|240>received packet: from zzz.zzz.zzz.zzz[4500] to my.local.pfsense.IP[4500] (140 bytes)
Apr 25 16:33:00 	charon: 08[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:00 	charon: 08[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:33:00 	charon: 08[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 7538a87d
Apr 25 16:33:00 	charon: 08[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 7538a87d
Apr 25 16:33:00 	charon: 08[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 2092199335 [ HASH D ]
Apr 25 16:33:00 	charon: 08[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:33:00 	charon: 08[ENC] <con19000|468>parsed INFORMATIONAL_V1 request 1334491019 [ HASH N(DPD_ACK) ]
Apr 25 16:33:00 	charon: 08[NET] <con19000|468>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (140 bytes)
Apr 25 16:32:59 	charon: 08[NET] <con19000|468>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (140 bytes)
Apr 25 16:32:59 	charon: 08[ENC] <con19000|468>generating INFORMATIONAL_V1 request 774513974 [ HASH N(DPD) ]
Apr 25 16:32:59 	charon: 08[IKE] <con19000|468>sending DPD request
Apr 25 16:32:59 	charon: 08[IKE] <con19000|468>sending DPD request
Apr 25 16:32:59 	charon: 08[IKE] <con6000|22>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con6000|22>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con6000|22>received DELETE for ESP CHILD_SA with SPI 08e3d441
Apr 25 16:32:59 	charon: 08[IKE] <con6000|22>received DELETE for ESP CHILD_SA with SPI 08e3d441
Apr 25 16:32:59 	charon: 08[ENC] <con6000|22>parsed INFORMATIONAL_V1 request 3262730041 [ HASH D ]
Apr 25 16:32:59 	charon: 08[NET] <con6000|22>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:59 	charon: 08[IKE] <con2000|21>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con2000|21>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con2000|21>received DELETE for ESP CHILD_SA with SPI 639da0e0
Apr 25 16:32:59 	charon: 08[IKE] <con2000|21>received DELETE for ESP CHILD_SA with SPI 639da0e0
Apr 25 16:32:59 	charon: 08[ENC] <con2000|21>parsed INFORMATIONAL_V1 request 2113800731 [ HASH D ]
Apr 25 16:32:59 	charon: 08[NET] <con2000|21>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:59 	charon: 08[IKE] <con14000|26>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con14000|26>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con14000|26>received DELETE for ESP CHILD_SA with SPI 1dcd3820
Apr 25 16:32:59 	charon: 08[IKE] <con14000|26>received DELETE for ESP CHILD_SA with SPI 1dcd3820
Apr 25 16:32:59 	charon: 08[ENC] <con14000|26>parsed INFORMATIONAL_V1 request 2629950835 [ HASH D ]
Apr 25 16:32:59 	charon: 08[NET] <con14000|26>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:59 	charon: 08[ENC] <con22000|1178>parsed INFORMATIONAL_V1 request 3940481499 [ HASH N(DPD_ACK) ]
Apr 25 16:32:59 	charon: 08[NET] <con22000|1178>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:32:59 	charon: 08[NET] <con22000|1178>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:32:59 	charon: 08[ENC] <con22000|1178>generating INFORMATIONAL_V1 request 1777631898 [ HASH N(DPD) ]
Apr 25 16:32:59 	charon: 08[IKE] <con22000|1178>sending DPD request
Apr 25 16:32:59 	charon: 08[IKE] <con22000|1178>sending DPD request
Apr 25 16:32:59 	charon: 08[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 08[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 751f79f0
Apr 25 16:32:59 	charon: 08[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 751f79f0
Apr 25 16:32:59 	charon: 08[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 1546787869 [ HASH D ]
Apr 25 16:32:59 	charon: 08[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:59 	charon: 12[IKE] <con10000|19>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 12[IKE] <con10000|19>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 12[IKE] <con10000|19>received DELETE for ESP CHILD_SA with SPI ec4f316b
Apr 25 16:32:59 	charon: 12[IKE] <con10000|19>received DELETE for ESP CHILD_SA with SPI ec4f316b
Apr 25 16:32:59 	charon: 12[ENC] <con10000|19>parsed INFORMATIONAL_V1 request 2207769426 [ HASH D ]
Apr 25 16:32:59 	charon: 12[NET] <con10000|19>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:59 	charon: 12[IKE] <con1000|28>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 12[IKE] <con1000|28>CHILD_SA not found, ignored
Apr 25 16:32:59 	charon: 12[IKE] <con1000|28>received DELETE for ESP CHILD_SA with SPI a130a72c
Apr 25 16:32:59 	charon: 12[IKE] <con1000|28>received DELETE for ESP CHILD_SA with SPI a130a72c
Apr 25 16:32:59 	charon: 12[ENC] <con1000|28>parsed INFORMATIONAL_V1 request 1709002469 [ HASH D ]
Apr 25 16:32:59 	charon: 12[NET] <con1000|28>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:58 	charon: 12[IKE] <con25000|80>CHILD_SA not found, ignored
Apr 25 16:32:58 	charon: 12[IKE] <con25000|80>CHILD_SA not found, ignored
Apr 25 16:32:58 	charon: 12[IKE] <con25000|80>received DELETE for ESP CHILD_SA with SPI 3a6b46c9
Apr 25 16:32:58 	charon: 12[IKE] <con25000|80>received DELETE for ESP CHILD_SA with SPI 3a6b46c9
Apr 25 16:32:58 	charon: 12[ENC] <con25000|80>parsed INFORMATIONAL_V1 request 1361005290 [ HASH D ]
Apr 25 16:32:58 	charon: 12[NET] <con25000|80>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:57 	charon: 12[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:57 	charon: 12[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:57 	charon: 12[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 7561bf6d
Apr 25 16:32:57 	charon: 12[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 7561bf6d
Apr 25 16:32:57 	charon: 12[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 1229997925 [ HASH D ]
Apr 25 16:32:57 	charon: 12[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:57 	charon: 12[ENC] <con18|474>parsed INFORMATIONAL response 118 [ ]
Apr 25 16:32:57 	charon: 12[NET] <con18|474>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (96 bytes)
Apr 25 16:32:57 	charon: 12[ENC] <con12000|4>parsed INFORMATIONAL_V1 request 143804701 [ HASH N(DPD_ACK) ]
Apr 25 16:32:57 	charon: 12[NET] <con12000|4>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:32:57 	charon: 12[NET] <con12000|4>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:32:57 	charon: 12[ENC] <con12000|4>generating INFORMATIONAL_V1 request 478577563 [ HASH N(DPD) ]
Apr 25 16:32:57 	charon: 12[IKE] <con12000|4>sending DPD request
Apr 25 16:32:57 	charon: 12[IKE] <con12000|4>sending DPD request
Apr 25 16:32:57 	charon: 11[NET] <con15|29>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (80 bytes)
Apr 25 16:32:57 	charon: 11[ENC] <con15|29>generating INFORMATIONAL response 45 [ ]
Apr 25 16:32:57 	charon: 11[ENC] <con15|29>parsed INFORMATIONAL request 45 [ ]
Apr 25 16:32:57 	charon: 11[NET] <con15|29>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (80 bytes)
Apr 25 16:32:56 	charon: 11[NET] <con18|474>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (96 bytes)
Apr 25 16:32:56 	charon: 11[ENC] <con18|474>generating INFORMATIONAL request 118 [ ]
Apr 25 16:32:56 	charon: 11[IKE] <con18|474>sending DPD request
Apr 25 16:32:56 	charon: 11[IKE] <con18|474>sending DPD request
Apr 25 16:32:56 	charon: 11[ENC] <con4000|11>parsed INFORMATIONAL_V1 request 1381363991 [ HASH N(DPD_ACK) ]
Apr 25 16:32:56 	charon: 11[NET] <con4000|11>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (140 bytes)
Apr 25 16:32:56 	charon: 11[NET] <con4000|11>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (140 bytes)
Apr 25 16:32:56 	charon: 11[ENC] <con4000|11>generating INFORMATIONAL_V1 request 3504403619 [ HASH N(DPD) ]
Apr 25 16:32:56 	charon: 11[IKE] <con4000|11>sending DPD request
Apr 25 16:32:56 	charon: 11[IKE] <con4000|11>sending DPD request
Apr 25 16:32:55 	charon: 11[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:55 	charon: 11[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:55 	charon: 11[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 3afe4036
Apr 25 16:32:55 	charon: 11[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 3afe4036
Apr 25 16:32:55 	charon: 11[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 3137469033 [ HASH D ]
Apr 25 16:32:55 	charon: 11[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:55 	charon: 11[NET] <3382> sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (56 bytes)
Apr 25 16:32:55 	charon: 11[ENC] <3382> generating INFORMATIONAL_V1 request 2652241747 [ N(NO_PROP) ]
Apr 25 16:32:55 	charon: 11[IKE] <3382> no proposal found
Apr 25 16:32:55 	charon: 11[IKE] <3382> no proposal found
Apr 25 16:32:55 	charon: 11[CFG] <3382> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Apr 25 16:32:55 	charon: 11[CFG] <3382> received proposals: IKE:AES_CBC_256/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1536
Apr 25 16:32:55 	charon: 11[IKE] <3382> 46.252.128.242 is initiating a Main Mode IKE_SA
Apr 25 16:32:55 	charon: 11[IKE] <3382> 46.252.128.242 is initiating a Main Mode IKE_SA
Apr 25 16:32:55 	charon: 11[IKE] <3382> received DPD vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received DPD vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received XAuth vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received XAuth vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received Cisco Unity vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received Cisco Unity vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received strongSwan vendor ID
Apr 25 16:32:55 	charon: 11[IKE] <3382> received strongSwan vendor ID
Apr 25 16:32:55 	charon: 11[ENC] <3382> parsed ID_PROT request 0 [ SA V V V V ]
Apr 25 16:32:55 	charon: 11[NET] <3382> received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (156 bytes)
Apr 25 16:32:55 	charon: 11[ENC] <con5000|76>parsed INFORMATIONAL_V1 request 2479835611 [ HASH N(DPD_ACK) ]
Apr 25 16:32:55 	charon: 11[NET] <con5000|76>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:32:55 	charon: 11[NET] <con5000|76>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:32:55 	charon: 11[ENC] <con5000|76>generating INFORMATIONAL_V1 request 3637565574 [ HASH N(DPD) ]
Apr 25 16:32:55 	charon: 11[IKE] <con5000|76>sending DPD request
Apr 25 16:32:55 	charon: 11[IKE] <con5000|76>sending DPD request
Apr 25 16:32:54 	charon: 14[ENC] <con17000|241>parsed INFORMATIONAL_V1 request 96340431 [ HASH N(DPD_ACK) ]
Apr 25 16:32:54 	charon: 14[NET] <con17000|241>received packet: from zzz.zzz.zzz.zzz[4500] to my.local.pfsense.IP[4500] (140 bytes)
Apr 25 16:32:54 	charon: 14[NET] <con17000|241>sending packet: from my.local.pfsense.IP[4500] to zzz.zzz.zzz.zzz[4500] (140 bytes)
Apr 25 16:32:54 	charon: 14[ENC] <con17000|241>generating INFORMATIONAL_V1 request 1621594452 [ HASH N(DPD) ]
Apr 25 16:32:54 	charon: 14[IKE] <con17000|241>sending DPD request
Apr 25 16:32:54 	charon: 14[IKE] <con17000|241>sending DPD request
Apr 25 16:32:53 	charon: 14[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:53 	charon: 14[IKE] <con13000|31>CHILD_SA not found, ignored
Apr 25 16:32:53 	charon: 14[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 57f38c63
Apr 25 16:32:53 	charon: 14[IKE] <con13000|31>received DELETE for ESP CHILD_SA with SPI 57f38c63
Apr 25 16:32:53 	charon: 14[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 868575397 [ HASH D ]
Apr 25 16:32:53 	charon: 14[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (124 bytes)
Apr 25 16:32:52 	charon: 14[NET] <con11000|33>sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (92 bytes)
Apr 25 16:32:52 	charon: 14[ENC] <con11000|33>generating INFORMATIONAL_V1 request 2554034778 [ HASH N(DPD_ACK) ]
Apr 25 16:32:52 	charon: 14[ENC] <con11000|33>parsed INFORMATIONAL_V1 request 1589669651 [ HASH N(DPD) ]
Apr 25 16:32:52 	charon: 14[NET] <con11000|33>received packet: from zzz.zzz.zzz.zzz[500] to my.local.pfsense.IP[500] (92 bytes)
Apr 25 16:32:52 	charon: 14[NET] <con3000|240>sending packet: from my.local.pfsense.IP[4500] to zzz.zzz.zzz.zzz[4500] (140 bytes)
Apr 25 16:32:52 	charon: 14[ENC] <con3000|240>generating INFORMATIONAL_V1 request 2219395581 [ HASH N(DPD_ACK) ]
Apr 25 16:32:52 	charon: 14[ENC] <con3000|240>parsed INFORMATIONAL_V1 request 2540775577 [ HASH N(DPD) ]
Apr 25 16:32:52 	charon: 14[NET] <con3000|240>received packet: from zzz.zzz.zzz.zzz[4500] to my.local.pfsense.IP[4500] (140 bytes)
Apr 25 16:32:51 	charon: 14[NET] <con13000|31>sending packet: from my.local.pfsense.IP[500] to xxx.xxx.xxx.xxx[500] (140 bytes)
Apr 25 16:32:51 	charon: 14[ENC] <con13000|31>generating INFORMATIONAL_V1 request 176562984 [ HASH N(DPD_ACK) ]
Apr 25 16:32:51 	charon: 14[ENC] <con13000|31>parsed INFORMATIONAL_V1 request 2204584495 [ HASH N(DPD) ]
Apr 25 16:32:51 	charon: 14[NET] <con13000|31>received packet: from xxx.xxx.xxx.xxx[500] to my.local.pfsense.IP[500] (140 bytes)
Apr 25 16:32:50 	charon: 14[NET] <3381> sending packet: from my.local.pfsense.IP[500] to zzz.zzz.zzz.zzz[500] (56 bytes)
Apr 25 16:32:50 	charon: 14[ENC] <3381> generating INFORMATIONAL_V1 request 3355800620 [ N(NO_PROP) ]
Apr 25 16:32:50 	charon: 14[IKE] <3381> no proposal found
Apr 25 16:32:50 	charon: 14[IKE] <3381> no proposal found
Apr 25 16:32:50 	charon: 14[CFG] <3381> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_1536
Apr 25 16:32:50 	charon: 14[CFG] <3381> received proposals: IKE:AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096
Apr 25 16:32:50 	charon: 14[IKE] <3381> 87.193.208.114 is initiating a Main Mode IKE_SA
Apr 25 16:32:50 	charon: 14[IKE] <3381> 87.193.208.114 is initiating a Main Mode IKE_SA
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-02 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received NAT-T (RFC 3947) vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received NAT-T (RFC 3947) vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received DPD vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received DPD vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received XAuth vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received XAuth vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received Cisco Unity vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received Cisco Unity vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received strongSwan vendor ID
Apr 25 16:32:50 	charon: 14[IKE] <3381> received strongSwan vendor ID</con13000|31></con13000|31></con13000|31></con13000|31></con3000|240></con3000|240></con3000|240></con3000|240></con11000|33></con11000|33></con11000|33></con11000|33></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con17000|241></con17000|241></con17000|241></con17000|241></con17000|241></con17000|241></con5000|76></con5000|76></con5000|76></con5000|76></con5000|76></con5000|76></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con4000|11></con4000|11></con4000|11></con4000|11></con4000|11></con4000|11></con18|474></con18|474></con18|474></con18|474></con15|29></con15|29></con15|29></con15|29></con12000|4></con12000|4></con12000|4></con12000|4></con12000|4></con12000|4></con18|474></con18|474></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con25000|80></con25000|80></con25000|80></con25000|80></con25000|80></con25000|80></con1000|28></con1000|28></con1000|28></con1000|28></con1000|28></con1000|28></con10000|19></con10000|19></con10000|19></con10000|19></con10000|19></con10000|19></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con22000|1178></con22000|1178></con22000|1178></con22000|1178></con22000|1178></con22000|1178></con14000|26></con14000|26></con14000|26></con14000|26></con14000|26></con14000|26></con2000|21></con2000|21></con2000|21></con2000|21></con2000|21></con2000|21></con6000|22></con6000|22></con6000|22></con6000|22></con6000|22></con6000|22></con19000|468></con19000|468></con19000|468></con19000|468></con19000|468></con19000|468></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con3000|240></con3000|240></con3000|240></con3000|240></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con23000|27></con23000|27></con23000|27></con23000|27></con17000|241></con17000|241></con17000|241></con17000|241></con17000|241></con17000|241></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con20000|648></con20000|648></con20000|648></con20000|648></con20000|648></con20000|648></con18|474></con18|474></con18|474></con18|474></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con13000|31></con15|29></con15|29></con15|29></con15|29></con12000|4></con12000|4></con12000|4></con12000|4></con12000|4></con12000|4></con18|474></con18|474> 

xxx.xxx.xxx.xxx IP-Address of the tunnel which is not working (screenshots)
zzz.zzz.zzz.zzz other addresses

Let me know If you need further information…  :-\

cmb

Ruddimaster: I emailed you at the address you registered on the forum using. I'd like to take a look at your system to find the source of that issue, can arrange specifics there.

Ruddimaster

Hi Chris,

@cmb:

Ruddimaster: I emailed you at the address you registered on the forum using. I'd like to take a look at your system to find the source of that issue, can arrange specifics there.

That would be nice…

At weekend, all IPSec-Tunnels were stable.

One tunnel shows many entries again. But for traffic this VPN is stable...
After update to 2.2.2 I have additional empty Algo entires.
Btw. the lifetime is 3600 (1h)

cmb

I emailed Ruddimaster but wanted to post here as well for others. If you're having rekeying issues, especially with multiple P2s, applying this change and rebooting may fix.

https://github.com/pfsense/pfsense/commit/afd0c1f2c9c46eaa8e496e98bea8a8e0887d504f