Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    IKEv2 IPsec clients connect all with the same IP address

    IPsec
    2
    3
    677
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vitaprimo last edited by

      I've spent a couple of days setting up an Always-On IKEv2 VPN link and now that it seems to be finally working I realized that all the clients using the same username get the same IP address. On the iPhone, since it makes two connections at the same time, one over Wi-Fi, the other over Cellular, it seems to block one of these connections and I get no traffic. I been tweaking one setting at a time in order to find which one sets clients to get a different IP address per link but I think I've ran out of option and I still can't fix the problem.

      If you guys know how to fix this, could you point me in the right direction? I've read and reread the supposedly complete master-ultimate-whatever guide, the pfSense Book but I don't think it makes any mention of this issue and its integrated search sucks! :(

      Thanks!

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        On the advanced options tab for IPsec, set "Configure Unique IDs" to No or Never and see if that helps.

        Really though you should not be reusing accounts like that. It's better if every device has its own VPN account.

        1 Reply Last reply Reply Quote 0
        • V
          vitaprimo last edited by

          Sorry for taking so long, I thought I checked to be notified for responses over email, I guess I didn't.

          Anyway, I had already done that, I'm starting to think my install is defective somehow. I think it's dropping information, I tried an internal VPN server and connections can't be made, they pass the firewall and are logged and reach the final server but this server reports it's missing stuff like username, I just nuked the server so I can't paste logs anymore but I found the same thing happening with VoIP traffic, no matter what I do I just can't get it to work. Something's off. This VPN server used to work before, now [if] the tunnel comes up, clients will be missing some information like default gateways and no traffic will pass. I tried with several ISPs yielding the same results and the only thing that's different is the gateway itself. I'm loving pfSense so far but I think I'll have to go back to my Ubiquiti gateway if this doesn't work. :(

          Thanks for you help anyway, I really appreciate it.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy