Strange VPN Gateway issue



  • I have a 2.3.2 pfSense installation. It has been upgraded along to current.

    Fairly basic setup, WAN, LAN1, LAN2, LAN3, DMZ, VPN. The VPN is a client connecting to StrongVPN. It is being used as a Gateway. The VPN establishes fine, and traffic can flow over it. The odd part is that if I put heavier throughput over the VPN the WAN and VPN drop. I will give example below. I searched through the logs and didnt find any glaringly obvious clues.

    - LAN1 uses default gateway which is WAN.
    - DMZ traffic uses policy routing to direct DMZ traffic over the VPN tunnel.
    - My computer on LAN1 pinging google.com continuously. 
    
    So long as the traffic bandwidth on the VPN is relitively low, everything works as expected. But if VPN traffic is increased the ping start to fail on my computer. Also on the pfSense dashboard it shows both WAN and VPN gateways as being offline.
    
    

    Oh and the increased traffic is not enough to saturate the internet connection.

    In the past this has worked properly. I am not sure what has changed or is causing this odd error. Any suggestions welcomed!

    Thanks



  • I have got the same problem. Open VPN client connects fine, can ping servers over the VPN, start trying to do anything a bit more data intensive and the pfsense box stops forwarding traffic to its gateway.

    Only thing a bit different is that my pfsense is behind a virgin media router with Port Forwarding, from a PC network behind the Open VPN network, if I start pinging the Virgin router, and google via the pfsense the ping to the router continues to reply, but the google drops when I try to open and RD session to the server, if I have a laptop plugged into the Virgin router at the same time, it continues to have full internet access. The static IP on the virgin router is via a GRE Tunnel.



  • For me this turned out to be a problem with Virgin Media, when I started an Open VPN between 2 of their Static IP connections, Started fine, try and transfer any data and both Virgin modems would disconnect their GRE Tunnel. If the client is on a non static IP Virgin connection it works fine, and does not appear to have issues with any other ISP static IPs…..


Log in to reply