[solved] Double Tunnels between one multiwan site and one singlewan site
-
My setup is:

Site A: pfSense 2.2.4 (64 bits)
WAN1 with ISP-A with public IPs subnet 192.168.254.0
WAN2 with ISP-B with public IPs subnet 192.168.253.0

Site B: pfSense 2.2.4 (64 bits)
WAN1 with ISP-C with public IPs (using x.x.x.62 as the main IP and using x.x.x.58 as secondary IP)

I can create and connect successfully with all network functionality:
Site A - WAN2 subnet 192.168.253.0 to Site B - WAN1 x.x.x.62 192.168.7.0

However, I cannot connect:
Site A - WAN1 subnet 192.168.254.0 to Site B - WAN1 x.x.x.58 192.168.7.0

Site B IPsec logs are as follows:
```
# cat ipsec.log|grep con2000\|1977
Nov 5 11:11:03 pfsense charon: 09[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:11:03 pfsense charon: 09[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:11:03 pfsense charon: 09[ENC] <con2000|1977> generating ID_PROT request 0 [ SA V V V V V V ]
Nov 5 11:11:03 pfsense charon: 09[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:11:07 pfsense charon: 09[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:11:07 pfsense charon: 09[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:11:07 pfsense charon: 09[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:11:15 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:11:15 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:11:15 pfsense charon: 08[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:11:28 pfsense charon: 14[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:11:28 pfsense charon: 14[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:11:28 pfsense charon: 14[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:11:52 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:11:52 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:11:52 pfsense charon: 08[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:12:34 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:12:34 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:12:34 pfsense charon: 13[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> peer not responding, trying again (2/3)
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> peer not responding, trying again (2/3)
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:13:49 pfsense charon: 15[ENC] <con2000|1977> generating ID_PROT request 0 [ SA V V V V V V ]
Nov 5 11:13:49 pfsense charon: 15[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:13:53 pfsense charon: 15[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:13:53 pfsense charon: 15[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:13:53 pfsense charon: 15[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:14:01 pfsense charon: 15[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:14:01 pfsense charon: 15[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:14:01 pfsense charon: 15[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:14:14 pfsense charon: 14[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:14:14 pfsense charon: 14[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:14:14 pfsense charon: 14[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:14:37 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:14:37 pfsense charon: 08[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:14:37 pfsense charon: 08[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:15:19 pfsense charon: 11[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:15:19 pfsense charon: 11[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:15:19 pfsense charon: 11[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> peer not responding, trying again (3/3)
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> peer not responding, trying again (3/3)
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:16:35 pfsense charon: 13[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to #SITE A - WAN1#
Nov 5 11:16:35 pfsense charon: 13[ENC] <con2000|1977> generating ID_PROT request 0 [ SA V V V V V V ]
Nov 5 11:16:35 pfsense charon: 13[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:16:39 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:16:39 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:16:39 pfsense charon: 13[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:16:46 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:16:46 pfsense charon: 13[IKE] <con2000|1977> sending retransmit 2 of request message ID 0, seq 1
Nov 5 11:16:46 pfsense charon: 13[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:16:59 pfsense charon: 07[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:16:59 pfsense charon: 07[IKE] <con2000|1977> sending retransmit 3 of request message ID 0, seq 1
Nov 5 11:16:59 pfsense charon: 07[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:17:22 pfsense charon: 07[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:17:22 pfsense charon: 07[IKE] <con2000|1977> sending retransmit 4 of request message ID 0, seq 1
Nov 5 11:17:22 pfsense charon: 07[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
Nov 5 11:18:04 pfsense charon: 11[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:18:04 pfsense charon: 11[IKE] <con2000|1977> sending retransmit 5 of request message ID 0, seq 1
Nov 5 11:18:04 pfsense charon: 11[NET] <con2000|1977> sending packet: from SITE B - x.x.x.58[500] to #SITE A - WAN1#[500] (200 bytes)
```

Please help
-
problem solved…
I have a misconfig @ Virtual IP.... silly me...
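
Added example, not part of the original thread: a small Python parser for the charon log format shown above that reports, per connection, how many IKE packets were sent and received and which local address they used, so a one-way exchange like the con2000 one stands out. The sample log is constructed and its addresses are RFC 5737 placeholders, not values from the post.

```python
import re

LINE = re.compile(r"charon: \d+\[[A-Z]+\] <(?P<conn>[^|>]+)\|\d+> (?P<msg>.*)")
PACKET = re.compile(
    r"(?P<dir>sending|received) packet: from (?P<src>.+?)\[\d+\] to (?P<dst>.+?)\[\d+\]"
)

# Constructed sample in the charon syslog format; addresses are placeholders.
SAMPLE_LOG = """\
Nov 5 11:11:03 pfsense charon: 09[IKE] <con2000|1977> initiating Main Mode IKE_SA con2000[1977] to 198.51.100.10
Nov 5 11:11:03 pfsense charon: 09[NET] <con2000|1977> sending packet: from 203.0.113.58[500] to 198.51.100.10[500] (200 bytes)
Nov 5 11:11:07 pfsense charon: 09[IKE] <con2000|1977> sending retransmit 1 of request message ID 0, seq 1
Nov 5 11:11:07 pfsense charon: 09[NET] <con2000|1977> sending packet: from 203.0.113.58[500] to 198.51.100.10[500] (200 bytes)
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:13:49 pfsense charon: 15[IKE] <con2000|1977> giving up after 5 retransmits
Nov 5 11:14:00 pfsense charon: 10[NET] <con1000|1976> sending packet: from 203.0.113.62[500] to 198.51.100.20[500] (200 bytes)
Nov 5 11:14:00 pfsense charon: 10[NET] <con1000|1976> received packet: from 198.51.100.20[500] to 203.0.113.62[500] (180 bytes)
"""

def summarize(log_text):
    """Per connection: packets sent/received, give-ups, local addresses used."""
    stats = {}
    previous = None
    for raw in log_text.splitlines():
        line = raw.strip()
        # The log in the thread repeats each [IKE] line; skip back-to-back copies.
        if not line or line == previous:
            continue
        previous = line
        m = LINE.search(line)
        if not m:
            continue
        s = stats.setdefault(
            m["conn"], {"sent": 0, "received": 0, "gave_up": 0, "local": set()}
        )
        pkt = PACKET.match(m["msg"])
        if pkt:
            outbound = pkt["dir"] == "sending"
            s["sent" if outbound else "received"] += 1
            # Local address is the source when sending, the destination when receiving.
            s["local"].add(pkt["src"] if outbound else pkt["dst"])
        elif m["msg"].startswith("giving up after"):
            s["gave_up"] += 1
    for s in stats.values():
        s["local"] = sorted(s["local"])
        s["verdict"] = "no reply" if s["sent"] and not s["received"] else "ok"
    return stats

if __name__ == "__main__":
    for conn, s in summarize(SAMPLE_LOG).items():
        print(conn, s)
```

For a connection flagged `no reply`, the listed local address is one of the things to compare against the interface and Virtual IP settings on the firewall.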