Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC Tunnels restarting when adding VLAN or interfaces?

    Scheduled Pinned Locked Moved IPsec
    4 Posts 2 Posters 929 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JeGrJ
      JeGr LAYER 8 Moderator
      last edited by

      Hi there,

      I just noticed, that pfSense (2.3.latest) is always restarting all IPSEC VPN Site2Site tunnels when I'm adding an interface or new VLAN. Even if the interface/VLAN has nothing to do whatsoever with the configured IPSec networks or interfaces. The service is configured on WAN which we don't touch at all, so I'm curious why it always stops and restarts all tunnels? OpenVPN tunnels or roadwarrior servers aren't affected at all, so I find the kind of strange behavior.

      Greets,
      Jens

      Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

      If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

      1 Reply Last reply Reply Quote 0
      • JeGrJ
        JeGr LAYER 8 Moderator
        last edited by

        Added information: Also adding CARP VIPs on interfaces the IPSEC tunnels aren't affected or related with (like a new VLAN on another physical interface), all IPSEC tunnels come down and will be recreated. Again OpenVPN ist unaffected by that. Is there any hint in why that happens at all?

        Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

        1 Reply Last reply Reply Quote 0
        • jahonixJ
          jahonix
          last edited by

          Update routing maybe? But that's just a wild guess.

          1 Reply Last reply Reply Quote 0
          • JeGrJ
            JeGr LAYER 8 Moderator
            last edited by

            Yeah thought about that, but then I encountered a reset of all IPSec tunnels after just adding a CARP VIP on a fully independent new VLAN that isn't physically or logically envolved with any of the tunnels. Just adding the VIP brought down all IPSec tunnels. Seems kinda strange to me.

            Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

            If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.