4. PF Sense as IPSec central gateway, more than 3 phase 2 entries –> no child SA's

PF Sense as IPSec central gateway, more than 3 phase 2 entries –> no child SA's

  • M

    Hello everyone, I'm really new here and not really fit using PFSense..

    At the moment I'm encountering the problem, that our central PFSense doesn't want to allow an additional phase 2 entry in one of our IPSec site to site connections (1 branch office has to reach 4 other networks). When disabling one of the existing phase 2 entries and restarting the IPsec connection the child SA's are created and working (without the disabled network). When activating "NAT - BINAT Translation" (cause i have to hide this network when connecting to a customer of us) the same problem is occuring.

    Actually we are using:

    2.3.2-RELEASE-p1 (amd64)
    built on Tue Sep 27 12:13:07 CDT 2016
    FreeBSD 10.3-RELEASE-p9

    Any ideas, remarks or questions are appreciated.
    Thanks Marcel

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy