[SOLVED]IPSec problem
-
Same issue like https://forum.pfsense.org/index.php?topic=123892.0 ?
-
Not really. Although I have "route: writing to routing socket: Invalid argument" is something else, and disappears when I disable one of my IPSec Tunnels (net2net).
But this is different. My problem are those ips that are showing. Where are they coming from? Why I can't ping remote and with 2.3.3 I can?
-
After further investigation, it seems to be this issue:
https://forum.pfsense.org/index.php?topic=117827.0
and
https://redmine.pfsense.org/issues/6937
https://redmine.pfsense.org/issues/7015EDIT: those ip only show up when ipsec vpn on remote is from behind NAT.
-
I don't use mobile IPSEC and my WAN is not behind (my) NAT … afaik. ???
I don't mind running 2.4 so far, I am happy with 2.3.3 on my APU but the netgate SG-1000 came with 2.4 beta ...
-
I'm reverting back to 2.3.3 until IPSec is usable. ZFS and freebsd 11 would be nice to have though. But I can wait. No problem.
-
I also can wait. Just want to avoid the hassle of reinstalling on SG-1000 as long as I can.
My plan: plug in and upgrade the SG-1000 every few days and see if patches roll in ;)latest update does not fix the issue, I also rechecked that floating "sloppy" rule, does not work for me.
-
https://redmine.pfsense.org/issues/6937
https://redmine.pfsense.org/issues/7015Both bugs fixed by devs, installed today's update and IPSEC now works for me on 2.4beta with the SG-1000.
I also removed that sloppy firewall rule, btw -
Awesome. Thanks for the report.
-
My problem are gone with latest snapshot. Thanks PFSENSE Team!
-