Erratic IPSEC behavior ?
-
Hi,
I am trying to use an IPSEC VPN between 2 pfSense v2.3.1
There is time when the VPN is working (for days without issue) and time when it does not work, and I cannot figure out how and why.
First issue is connection : both IPSEC servers cannot connect to each other, they block on connecting…
The internet connection is fine, I can go different sites, ping servers, etc... (the gateway monitoring of pfSense is fine as well).After rebooting all them a few times, they get to connect together and have the status "Established X seconds..."
and then I face the second issue I cannot send data from one to lan to the other :computer1 (192.168.0.1) –> pfSense1 --> IPSEC –> pfSense2 –> (10.0.0.2) computer2
if from computer1, I try to ping computer2, I can capture the ICMP packets till pfSense2/InterfaceIPsec but nothing arrive on pfSense2/InterfaceLan
after rebooting one more time both pfSense servers, I get to ping computer2 from computer1 (and see my packets on pfSense2/InterfaceLan).I did not change any settings on my pfSense servers, just a matter of rebooting until things get better … which is mad ... :-\
Do you have any idea what could be the problem and/or how to troubleshoot it ?
Thanks for your help,
Hakim -
Hi,
I just wanted to add some more info about my config :
- the two pfSense servers were upgraded from version 2.2
- when I get the connection "Established X seconds…" (but no trafic) I also had "Bytes-in" and "Packets-in" to 0 on one side (pfSense1) and "Bytes-out" and "Packets-out" to 0 on the other side (pfSense1), while there was data for the opposite packets-in/out
Thanks for your help,
Hakim