Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PF Sense as IPSec central gateway, more than 3 phase 2 entries –> no child SA's

    IPsec
    1
    1
    421
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mbrabetz
      last edited by

      Hello everyone, I'm really new here and not really fit using PFSense..

      At the moment I'm encountering the problem, that our central PFSense doesn't want to allow an additional phase 2 entry in one of our IPSec site to site connections (1 branch office has to reach 4 other networks). When disabling one of the existing phase 2 entries and restarting the IPsec connection the child SA's are created and working (without the disabled network). When activating "NAT - BINAT Translation" (cause i have to hide this network when connecting to a customer of us) the same problem is occuring.

      Actually we are using:

      2.3.2-RELEASE-p1 (amd64)
      built on Tue Sep 27 12:13:07 CDT 2016
      FreeBSD 10.3-RELEASE-p9

      Any ideas, remarks or questions are appreciated.
      Thanks Marcel

      1 Reply Last reply Reply Quote 0
      • First post
        Last post