IPSEC Tunnels restarting when adding VLAN or interfaces?


  • LAYER 8 Moderator

    Hi there,

    I just noticed that pfSense (2.3.latest) is always restarting all IPSEC VPN Site2Site tunnels when I'm adding an interface or new VLAN. Even if the interface/VLAN has nothing to do whatsoever with the configured IPSec networks or interfaces. The service is configured on WAN which we don't touch at all, so I'm curious why it always stops and restarts all tunnels? OpenVPN tunnels or roadwarrior servers aren't affected at all, so I find this kind of strange behavior.

    Greets,
    Jens


  • LAYER 8 Moderator

    Added information: Also when adding CARP VIPs on interfaces the IPSEC tunnels aren't affected by or related to (like a new VLAN on another physical interface), all IPSEC tunnels come down and will be recreated. Again OpenVPN is unaffected by that. Is there any hint as to why that happens at all?



  • Update routing maybe? But that's just a wild guess.


  • LAYER 8 Moderator

    Yeah, thought about that, but then I encountered a reset of all IPSec tunnels after just adding a CARP VIP on a fully independent new VLAN that isn't physically or logically involved with any of the tunnels. Just adding the VIP brought down all IPSec tunnels. Seems kinda strange to me.

