Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ipsec between pfsense and lancom stopped working

    IPsec
    2
    4
    2.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      richie1985
      last edited by

      hi,

      it was working fine without any problems. without any changes on both sides it stopped working and i only see timeouts. but internet connection (ping, tracert, port check) is working.

      ipsec log pfsense:

      Jun 1 18:48:00 	charon 		05[IKE] <con1000|5>establishing IKE_SA failed, peer not responding
Jun 1 18:48:00 	charon 		05[IKE] <con1000|5>giving up after 5 retransmits
Jun 1 18:46:44 	charon 		05[NET] <con1000|5>sending packet: from 81.93.xxx.xxx[500] to 217.6.xxx.xxx[500] (184 bytes)
Jun 1 18:46:44 	charon 		05[IKE] <con1000|5>sending retransmit 5 of request message ID 0, seq 1
Jun 1 18:46:02 	charon 		15[NET] <con1000|5>sending packet: from 81.93.xxx.xxx[500] to 217.6.xxx.xxx[500] (184 bytes)</con1000|5></con1000|5></con1000|5></con1000|5></con1000|5>

      ipsec log lancom:

      [VPN-Status] 2016/06/01 19:00:59,314  Devicetime: 2016/06/01 19:00:58,959
VPN: WAN state changed to WanProtocol for DELUXE_BL (81.93.xxx.xxx), called by: 009c72a4

[VPN-Status] 2016/06/01 19:00:59,314  Devicetime: 2016/06/01 19:00:58,970
IKE info: Phase-1 negotiation started for peer DELUXE_BL rule isakmp-peer-DELUXE_BL using MAIN mode

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: connection for DELUXE_BL (81.93.xxx.xxx) timed out: no response

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: disconnecting DELUXE_BL (81.93.xxx.xxx)

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: Error: IFC-I-Connection-timeout-IKE-IPSEC (0x1106) for DELUXE_BL (81.93.xxx.xxx)

      so in my eyes both sides says "no response from other side"… i dont know what i can do :(

      Thx!

      1 Reply Last reply Reply Quote 0
      • R
        richie1985
        last edited by

        seems some nat problems or so, after deleting the state it was working again but how can i prevent this issue?

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          What states in particular did you delete? Only thing that comes to mind is if you had a port forward or 1:1 NAT overlapping, so it was directing that traffic to an internal host, or if you have manual or hybrid outbound NAT configured and are NATing the host's own traffic. Can't do either of those.

          1 Reply Last reply Reply Quote 0
          • R
            richie1985
            last edited by

            i have no 1:1 nat or port forward and the outbound nat rules are set to auto…

            mhh so i have no idea why vpn is going down after some time and wont be reconnect :(

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.