Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Azure Ipsec tunnels ERROR: failed to get sainfo.

    Scheduled Pinned Locked Moved
    IPsec
    1
    1
    1.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      giff256
      last edited by

      I'm trying to get 4 tunnels running between azure and pfsense. They seem to working, I can ping etc but the connection keeps momentarily dropping all the time.

      The network in Azure is as follows:

      Address space:

      10.0.0.0/16

      Subnets:

      Az1: 10.0.1.0/21
      Az2: 10.0.8.0/21
      Az3: 10.0.128.0/21

      The local subnets are:

      L1: 10.1.0.0/24
      L2: 192.168.1.0/24
      L3: 192.168.2.0/24

      And I want the following tunnels:

      Az1 <-> L2
      Az2 <-> L1
      Az3 <-> L2
      Az3 <-> L3

      In the verbose ipsec logs it's complaining about mismatching subnets:

      Oct 17 13:23:44	racoon: DEBUG: getsainfo params: loc='10.1.0.0/24' rmt='10.0.0.0/16' peer='1.1.1.1' client='1.1.1.1' id=1
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='10.1.0.0/24', rmt='10.0.8.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : values matched (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.0.0.0/16'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '10.0.8.0/21'
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='192.168.1.0/24', rmt='10.0.128.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '192.168.1.0/24'
Oct 17 13:23:44	racoon: DEBUG: evaluating sainfo: loc='192.168.2.0/24', rmt='10.0.128.0/21', peer='ANY', id=1
Oct 17 13:23:44	racoon: DEBUG: check and compare ids : value mismatch (IPv4_subnet)
Oct 17 13:23:44	racoon: DEBUG: cmpid target: '10.1.0.0/24'
Oct 17 13:23:44	racoon: DEBUG: cmpid source: '192.168.2.0/24'
Oct 17 13:23:44	racoon: ERROR: failed to get sainfo.
Oct 17 13:23:44	racoon: ERROR: failed to get sainfo.
Oct 17 13:23:44	racoon: [azure]: [1.1.1.1] ERROR: failed to pre-process ph2 packet [Check Phase 2 settings, networks] (side: 1, status: 1).
Oct 17 13:23:44	racoon: DEBUG: IV freed

Can anyone see what's wrong? I want to start doing some large data transfers to Azure but can't if the tunnels keep dropping![/azure]
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.