Multiple IPsec Phase2 connections - No link
-
Hello everyone,
following problem with an IPsec connection of a pfSense:
Initial situation:
- 1x phase 1
- 2x phase 2 (two IP circuits)
At irregular intervals, Phase 2 builds up several times and a link via the VPN is no longer possible.
Disconnecting and reconnecting the connection will then bring about a short-term improvement.
thanks in advance
Christian -
as jimp wrote, set your tunnel to the following modes:
Side 1: IKEv2, Rekey configured, Reauth disabled, child SA close action set to restart/reconnect
Side 2: IKEv2, Rekey configured, Reauth disabled, responder only set, child SA close action left at default (clear)See also:
https://redmine.pfsense.org/issues/10176