Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IPSEC Net2Net Aggressive not working after reboot

    IPsec
    2
    2
    417
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fischeol last edited by

      Hi Guys,

      I have difficulitys with pfsense 2.3.1-p5 and an N2N-aggressive VPN.

      The VPN ist working nice,  but if I restart the pfSense and ping an IP behind the VPN - the ping won't be rerouted through the VPN after the Box is up again and has connected its VPN.
      The LAN IF of the Box always responds: Destinaion host not reachable.
      If I pause the ping for at least 1 minute und reping the target the destination host is reachable.
      But it won't work if I wait less than 1 minute.

      Do you have some suggestions to this topic ?

      regards

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        Probably because it's getting a state leaving WAN before the VPN is up. Waiting allows the state to clear.

        Add a floating rule to REJECT outbound on WAN for any destination matching your remote VPN subnet(s). That will stop the leakage.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post