PfSense 2.2 crashes (hard) when accessing Web Configurator from remote IPsec VPN
-
I've seen the same issue on v2.2 over VMware (both ends virtual, IPSec between them), so it's not a hardware problem. Worked fine for years on v2.0x before, even on beta versions and on the same host hardware.
In my case it SEEMS to be fixed by disabling IPcomp (IP Compression) on the Advanced tab under IPsec, and begins to fail again with a double fault as soon as I re-enable compression. Went from crashing more than once per hour to staying stable for more than 24h and counting.
I already submitted one of the crash dumps for evaluation. -
Should we report this as possible bug on pfSense bugtracker and refer to this thread ?
-
Exact same issue here on a Sokeris net6501. Does anyone know if this is in the bug tracker? I had a look but couldn't see it.
-
Just completed the upgrade to 2.2.1.
The issue is still there. Accessing the webUI while connected over IPSec VPN will crash the box.
-
https://redmine.pfsense.org/issues/4537
-
Could you all test by setting net.inet.ipsec.directdispatch to 0 as ermal outlined in this post? I believe this is all the same issue
-
I think I ran into the same problem (2.2.1-RELEASE on AMD G-T40E) and submitted a few crash dumps.
I set net.inet.ipsec.directdispatch to 0 and have not had another crash since then.
-
I have the exact same issue, my remote pfsense instantly crashes when I access it via remote ip. if I remote desktop to the server on the local network, I can access the box, but using ipsec and accessing the box from a different subnet the box crashes. I removed all squid and squid guard rebooted and It still crashes.
-
Nambi, did you try the fix that georgeman suggested??
-
I'm not too sure how to enter in that command.
do i add this into this the "Execute Shell command"
net.inet.ipsec.directdispatch=0I entered this in there, but when I remote connected it still crashed I probably didn't put it in properly.
Thanks for the assistance.
-
I'm not too sure how to enter in that command.
System - Advanced - System Tunables
-
Thank you, there was no entry so i added "net.inet.ipsec.directdispatch" and set it to 0 and this fixed the issue.
Thanks for your patience.
-
Go to System, Advanced and enter it as a tunable. Reboot just in case and test again
Are you on 32-bit??
-
yes we are running 32 bit, ,my system is capable for 64 bit, but I installed pfsesne a while back when 32 bit was the norm.
-
Alright, it is confirmed to be the same issue then, thanks
-