Upgraded from 2.3.3 to 2.4.0 Ipsec routing error
-
Those errors are unrelated to IPsec.
The "cannot forward" message is because your system is attempting to send non-link-local traffic using a link-local source. fe80 addresses cannot talk to anything outside the current L2, they are not routeable, so they can never reach that destination.
-
Related?
https://forum.pfsense.org/index.php?topic=123370.0 -
Maybe, I'll try to disable IPSec and see if the errors disappear.
Can anyone tell me something about the "route: writing to routing socket: Invalid argument" error?
Didn't have that one on 2.3.3 -
This one is related, and exactly the same problem: https://forum.pfsense.org/index.php?topic=117827.0
The error "route: writing to routing socket: Invalid argument" is something else, and disappears when I disable one of my IPSec Tunnels (net2net).
Roadwarrior IPSec (The other tunnel) is not working (tunnel itself does work, bus traffic does not flow), and gives the default deny error in firewall logs, as above topic.
Tried to create the sloppy state floating rule, but is not working for me. -
I see the same message on 2.4.0-BETA on my new sg-1000.
Does anyone have a solution for this?edit: I also created that sloppy rule … does not work here.
IPSEC tunnel(s) up, but traffic doesn't get through.
The imported config works on another pfsense-2.3.3 -
Yeah, I went OpenVPN…
-
Yeah, I went OpenVPN…
not a valid option for everyone. I have customers with IPSEC only.
-
I know but I had no other option.. Migrated all to openvpn.
Was pain in the ass but it was worth it… -
Well, I assume if it works in 2.3.3 it should be solvable in 2.4.x as well.
-
What is recommended? Should I file a ticket for that issue or simply wait … ? ;-)
-
fixed for me, see https://forum.pfsense.org/index.php?topic=126290.0
