Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec VPN service stuck after few days

    Scheduled Pinned Locked Moved IPsec
    8 Posts 4 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      manoj_4765
      last edited by

      Hi Guys,

      One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites. When we are trying to stop or start service then its now working. After reboot the pfsense all sites working fine with VPN.

      Any suggestion then please share with me.

      Thanks

      Manoj

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites.

        Rebooting, new install and/or upgrading mostly comes with so called "by side" effects!
        If you was not creating a /boot/loader.conf.local and store there all tunigs and pimps you made
        they will more or less all gone after an upgrade, fresh install or tiny reboot!

        When we are trying to stop or start service then its now working.

        Now working or not working?

        After reboot the pfsense all sites working fine with VPN.

        Is there any lease time in this VPN game set up by yours in the past?

        Any suggestion then please share with me.

        What kind of hardware you are using?
        Did you set up a lease time for the VPN tunnel?

        1 Reply Last reply Reply Quote 0
        • K
          kitdavis
          last edited by

          I've been reporting the same problem since 2.2.3.  Restarting IPSEC and apinger does not solve the problem.  I just reboot PFSense every couple of days.  I have an unstable connection that goes down for a few seconds/minutes frequently and that seems to be the cause.  When the connection is fairly stable IPSEC will stay up for several days, when the connection is flaky IPSEC stops after just a day or two.  Until now no one else has reported the same problem - so I'm glad I'm not the only one.

          1 Reply Last reply Reply Quote 0
          • M
            manoj_4765
            last edited by

            @BlueKobold:

            One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites.

            Rebooting, new install and/or upgrading mostly comes with so called "by side" effects!
            If you was not creating a /boot/loader.conf.local and store there all tunigs and pimps you made
            they will more or less all gone after an upgrade, fresh install or tiny reboot!

            When we are trying to stop or start service then its now working.

            Now working or not working?

            After reboot the pfsense all sites working fine with VPN.

            Is there any lease time in this VPN game set up by yours in the past?

            Any suggestion then please share with me.

            What kind of hardware you are using?
            Did you set up a lease time for the VPN tunnel?

            HI Mate ,

            I am using the below hardware:-

            Version 2.2.4-RELEASE (i386)
            built on Sat Jul 25 19:56:41 CDT 2015
            FreeBSD 10.1-RELEASE-p15

            You are on the latest version.
            Platform nanobsd (4g)
            NanoBSD Boot Slice pfsense0 / ada0s1 (ro)
            CPU Type Intel(R) Atom(TM) CPU D525 @ 1.80GHz
            4 CPUs: 1 package(s) x 2 core(s) x 2 HTT threads
            Uptime 3 Days 00 Hour 14 Minutes 09

            and the firewall has been updated

            Thanks

            1 Reply Last reply Reply Quote 0
            • M
              manoj_4765
              last edited by

              @manoj_4765:

              @BlueKobold:

              One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites.

              Rebooting, new install and/or upgrading mostly comes with so called "by side" effects!
              If you was not creating a /boot/loader.conf.local and store there all tunigs and pimps you made
              they will more or less all gone after an upgrade, fresh install or tiny reboot!

              When we are trying to stop or start service then its now working.

              Now working or not working?

              After reboot the pfsense all sites working fine with VPN.

              Is there any lease time in this VPN game set up by yours in the past?

              Any suggestion then please share with me.

              What kind of hardware you are using?
              Did you set up a lease time for the VPN tunnel?

              HI Mate ,

              I am using the below hardware:-

              Version 2.2.4-RELEASE (i386)
              built on Sat Jul 25 19:56:41 CDT 2015
              FreeBSD 10.1-RELEASE-p15

              You are on the latest version.
              Platform nanobsd (4g)
              NanoBSD Boot Slice pfsense0 / ada0s1 (ro)
              CPU Type Intel(R) Atom(TM) CPU D525 @ 1.80GHz
              4 CPUs: 1 package(s) x 2 core(s) x 2 HTT threads
              Uptime 3 Days 00 Hour 14 Minutes 09

              and the firewall has been updated

              Thanks

              Yes after rebooting the firewall its working fine for 2 or 3 days.

              Thanks

              1 Reply Last reply Reply Quote 0
              • M
                manoj_4765
                last edited by

                @manoj_4765:

                @BlueKobold:

                One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites.

                Rebooting, new install and/or upgrading mostly comes with so called "by side" effects!
                If you was not creating a /boot/loader.conf.local and store there all tunigs and pimps you made
                they will more or less all gone after an upgrade, fresh install or tiny reboot!

                When we are trying to stop or start service then its now working.

                Now working or not working?

                After reboot the pfsense all sites working fine with VPN.

                Is there any lease time in this VPN game set up by yours in the past?

                Any suggestion then please share with me.

                What kind of hardware you are using?
                Did you set up a lease time for the VPN tunnel?

                HI Mate ,

                I am using the below hardware:-

                Version 2.2.4-RELEASE (i386)
                built on Sat Jul 25 19:56:41 CDT 2015
                FreeBSD 10.1-RELEASE-p15

                You are on the latest version.
                Platform nanobsd (4g)
                NanoBSD Boot Slice pfsense0 / ada0s1 (ro)
                CPU Type Intel(R) Atom(TM) CPU D525 @ 1.80GHz
                4 CPUs: 1 package(s) x 2 core(s) x 2 HTT threads
                Uptime 3 Days 00 Hour 14 Minutes 09

                and the firewall has been updated

                same time I have checked the firewall logs and logs was like this, (Note in mean time only one site vpn is not working and other sites vpn are working fine and the main time racoon start and stop is not working)

                php-fpm[80091]: /rc.newipsecdns: WARNING: Setting i_dont_care_about_security_and_use_aggressive_mode_psk option because a phase 1 is configured using aggressive mode with pre-shared keys. This is not a secure configuration.

                Thanks

                1 Reply Last reply Reply Quote 0
                • D
                  doktornotor Banned
                  last edited by

                  @manoj_4765:

                  One week back I have updated the pfsense firmware to 2.2.4 and we have noticed after 3 or 4 days the vpn is disconnect with some sites. When we are trying to stop or start service then its now working. After reboot the pfsense all sites working fine with VPN.

                  Tell us something new, perhaps? Exact reason why I moved everything to OpenVPN; after some 4 months, I have yet to hear a single complaint about tunnel being down (when internet is working).

                  Been this way ever since 2.2; don't have time to debug this shit.

                  1 Reply Last reply Reply Quote 0
                  • K
                    kitdavis
                    last edited by

                    I don't mind taking the time to debug.  But so much stuff is spewed into the log that I have been unable to find any thing that hints at the problem.  Chris has had access to my system since 2.2 and I don't think he has had any more luck identifying the problem.  I have 17 VPN connections but they are all for my use, and I have backup OpenVPN connections as well so I can "afford" to keep looking for a solution, but it is a pain to reboot PFSense every couple of days (and it reeks havoc with my Zabbix monitoring).  The 17 end points have various IPSEC connections between them, but I have left them all running 2.1.3 until IPSEC is working reliably (or I give up and convert all the tunnels to OpenVPN)

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.