• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Ipsec between pfsense and lancom stopped working

Scheduled Pinned Locked Moved IPsec
4 Posts 2 Posters 2.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R
    richie1985
    last edited by Jun 1, 2016, 5:06 PM

    hi,

    it was working fine without any problems. without any changes on both sides it stopped working and i only see timeouts. but internet connection (ping, tracert, port check) is working.

    ipsec log pfsense:

    Jun 1 18:48:00 	charon 		05[IKE] <con1000|5>establishing IKE_SA failed, peer not responding
Jun 1 18:48:00 	charon 		05[IKE] <con1000|5>giving up after 5 retransmits
Jun 1 18:46:44 	charon 		05[NET] <con1000|5>sending packet: from 81.93.xxx.xxx[500] to 217.6.xxx.xxx[500] (184 bytes)
Jun 1 18:46:44 	charon 		05[IKE] <con1000|5>sending retransmit 5 of request message ID 0, seq 1
Jun 1 18:46:02 	charon 		15[NET] <con1000|5>sending packet: from 81.93.xxx.xxx[500] to 217.6.xxx.xxx[500] (184 bytes)</con1000|5></con1000|5></con1000|5></con1000|5></con1000|5>

    ipsec log lancom:

    [VPN-Status] 2016/06/01 19:00:59,314  Devicetime: 2016/06/01 19:00:58,959
VPN: WAN state changed to WanProtocol for DELUXE_BL (81.93.xxx.xxx), called by: 009c72a4

[VPN-Status] 2016/06/01 19:00:59,314  Devicetime: 2016/06/01 19:00:58,970
IKE info: Phase-1 negotiation started for peer DELUXE_BL rule isakmp-peer-DELUXE_BL using MAIN mode

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: connection for DELUXE_BL (81.93.xxx.xxx) timed out: no response

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: disconnecting DELUXE_BL (81.93.xxx.xxx)

[VPN-Status] 2016/06/01 19:01:29,317  Devicetime: 2016/06/01 19:01:28,960
VPN: Error: IFC-I-Connection-timeout-IKE-IPSEC (0x1106) for DELUXE_BL (81.93.xxx.xxx)

    so in my eyes both sides says "no response from other side"… i dont know what i can do :(

    Thx!

    1 Reply Last reply Reply Quote 0
    • R
      richie1985
      last edited by Jun 1, 2016, 6:27 PM

      seems some nat problems or so, after deleting the state it was working again but how can i prevent this issue?

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by Jun 1, 2016, 7:52 PM

        What states in particular did you delete? Only thing that comes to mind is if you had a port forward or 1:1 NAT overlapping, so it was directing that traffic to an internal host, or if you have manual or hybrid outbound NAT configured and are NATing the host's own traffic. Can't do either of those.

        1 Reply Last reply Reply Quote 0
        • R
          richie1985
          last edited by Jun 2, 2016, 6:04 AM

          i have no 1:1 nat or port forward and the outbound nat rules are set to auto…

          mhh so i have no idea why vpn is going down after some time and wont be reconnect :(

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received