Netgate Discussion Forum

    No logging

      vitaprimo

      I've been bouncing back and forth on whether I should post this in General or under IPsec, as it seems it's only happening with VPN connections IPsec won. Anyway…

      Last week, after repeatedly failing to set up a VPN server because of issues with pfSense dropping or delivering modified data to hosts (https://forum.pfsense.org/index.php?topic=131763.0), I went back to pfSense itself as a VPN host. I spent the day looking for the strongest ciphers compatible with Windows 8 and Apple devices and then moved on to more pressing issues. The day before yesterday I tried to set up a new site-to-site tunnel, and at the first try I let it fail to gather some info from the logs, but when I went to it there weren't any.

      The last logging was from two days earlier at that point. I went to the Firewall dynamic log and tried connecting client-site, and the connection came up, but there were still no logs on ports 500, 4500 or IPsec. My devices can still connect (client-site; site-to-site I didn't finish setting up) but I have no logging whatsoever of anything happening. I went to the log settings and upped them to the one just before raw so I'm able to read them, but still nothing.

      I have Suricata installed, and after setting up the VPN I modified Suricata to block connections and set the IPS Mode to Inline, which prompted me to disable some checks under the advanced system settings, NIC-related stuff. Yesterday, when I noticed the no-logging thing, I undid the changes: I rechecked the boxes and set Suricata's IPS Mode to Legacy Mode, but I still get no logging. I don't recall doing anything else that could've impacted IPsec logging.

      Can I reset the logging module or something like that? I have no idea what to do. :/
