4. IKEv2 IPsec clients connect all with the same IP address

IKEv2 IPsec clients connect all with the same IP address

  • V

    I've spent a couple of days setting up an Always-On IKEv2 VPN link and now that it seems to be finally working I realized that all the clients using the same username get the same IP address. On the iPhone, since it makes two connections at the same time, one over Wi-Fi, the other over Cellular, it seems to block one of these connections and I get no traffic. I been tweaking one setting at a time in order to find which one sets clients to get a different IP address per link but I think I've ran out of option and I still can't fix the problem.

    If you guys know how to fix this, could you point me in the right direction? I've read and reread the supposedly complete master-ultimate-whatever guide, the pfSense Book but I don't think it makes any mention of this issue and its integrated search sucks! :(

    Thanks!

    0
  • Rebel Alliance Developer Netgate

    On the advanced options tab for IPsec, set "Configure Unique IDs" to No or Never and see if that helps.

    Really though you should not be reusing accounts like that. It's better if every device has its own VPN account.

    0
  • V

    Sorry for taking so long, I thought I checked to be notified for responses over email, I guess I didn't.

    Anyway, I had already done that, I'm starting to think my install is defective somehow. I think it's dropping information, I tried an internal VPN server and connections can't be made, they pass the firewall and are logged and reach the final server but this server reports it's missing stuff like username, I just nuked the server so I can't paste logs anymore but I found the same thing happening with VoIP traffic, no matter what I do I just can't get it to work. Something's off. This VPN server used to work before, now [if] the tunnel comes up, clients will be missing some information like default gateways and no traffic will pass. I tried with several ISPs yielding the same results and the only thing that's different is the gateway itself. I'm loving pfSense so far but I think I'll have to go back to my Ubiquiti gateway if this doesn't work. :(

    Thanks for you help anyway, I really appreciate it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy