PF Sense as IPSec central gateway, more than 3 phase 2 entries –> no child SA's
-
Hello everyone, I'm really new here and not really fit using PFSense..
At the moment I'm encountering the problem, that our central PFSense doesn't want to allow an additional phase 2 entry in one of our IPSec site to site connections (1 branch office has to reach 4 other networks). When disabling one of the existing phase 2 entries and restarting the IPsec connection the child SA's are created and working (without the disabled network). When activating "NAT - BINAT Translation" (cause i have to hide this network when connecting to a customer of us) the same problem is occuring.
Actually we are using:
2.3.2-RELEASE-p1 (amd64)
built on Tue Sep 27 12:13:07 CDT 2016
FreeBSD 10.3-RELEASE-p9Any ideas, remarks or questions are appreciated.
Thanks Marcel