Netgate Discussion Forum

    IKEv2 IPsec clients connect all with the same IP address

      vitaprimo

      I've spent a couple of days setting up an Always-On IKEv2 VPN link and now that it seems to be finally working I realized that all the clients using the same username get the same IP address. On the iPhone, since it makes two connections at the same time, one over Wi-Fi, the other over Cellular, it seems to block one of these connections and I get no traffic. I've been tweaking one setting at a time in order to find which one sets clients to get a different IP address per link but I think I've run out of options and I still can't fix the problem.

      If you guys know how to fix this, could you point me in the right direction? I've read and reread the supposedly complete master-ultimate-whatever guide, the pfSense Book but I don't think it makes any mention of this issue and its integrated search sucks! :(

      Thanks!

        jimp Rebel Alliance Developer Netgate

        On the advanced options tab for IPsec, set "Configure Unique IDs" to No or Never and see if that helps.

        Really though you should not be reusing accounts like that. It's better if every device has its own VPN account.

          vitaprimo

          Sorry for taking so long, I thought I checked to be notified for responses over email, I guess I didn't.

          Anyway, I had already done that, I'm starting to think my install is defective somehow. I think it's dropping information, I tried an internal VPN server and connections can't be made, they pass the firewall and are logged and reach the final server but this server reports it's missing stuff like username, I just nuked the server so I can't paste logs anymore but I found the same thing happening with VoIP traffic, no matter what I do I just can't get it to work. Something's off. This VPN server used to work before, now [if] the tunnel comes up, clients will be missing some information like default gateways and no traffic will pass. I tried with several ISPs yielding the same results and the only thing that's different is the gateway itself. I'm loving pfSense so far but I think I'll have to go back to my Ubiquiti gateway if this doesn't work. :(

          Thanks for your help anyway, I really appreciate it.

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.