IPSEC Permission? issue…



  • I have two pfSense FW's setup to connect to each other. and one is getting the following error:

    Jul 12 19:18:16	charon		04[NET] error writing to socket: Permission denied
    Jul 12 19:18:16	charon		13[NET] <con1000|1> sending packet: from 72.x.x.x[500] to 24.x.x.x[500] (180 bytes)
    Jul 12 19:18:16	charon		13[IKE] <con1000|1> sending retransmit 1 of request message ID 0, seq 1
    Jul 12 19:18:12	charon		04[NET] error writing to socket: Permission denied
    Jul 12 19:18:12	charon		15[NET] <con1000|1> sending packet: from 72.x.x.x[500] to 24.x.x.x[500] (180 bytes)
    Jul 12 19:18:12	charon		15[ENC] <con1000|1> generating ID_PROT request 0 [ SA V V V V V ]
    Jul 12 19:18:12	charon		15[IKE] <con1000|1> initiating Main Mode IKE_SA con1000[1] to 24.x.x.x</con1000|1></con1000|1></con1000|1></con1000|1></con1000|1>
    

    Both are new installs of "2.3.4-RELEASE (amd64)"

    P1 and P2 are setup the same.

    I [think] the FW rules are setup correctly. (I have other VPNs to Sonicwalls working on one of the pfSense units.

    I've searched for this error "error writing to socket: Permission denied" and could not find any threads.

    ANy help is appreciated!!



  • Did you ever find a solution to this problem?  I have the exact same issue that I have been trying to resolve for some time.  I've altered the tunnel configurations in multiple ways with no change in the result.  This problem is with a new firewall.  The old firewall has IPSEC connections to multiple PFSense boxes with no problems.  The new connection is set up exactly the same, but always results in the socket writing permission error.  I have no problems using Open VPN for the connection, just with IPSEC.



  • exactly same problem for me. Any solution ?



  • Hello Guys,

    anyone solved this problem?

    Apr 10 19:15:47 charon 04[NET] error writing to socket: Permission denied
    Apr 10 19:15:47 charon 08[NET] <con2000|2>sending packet: from 1.2.3.4[500] to 4.3.2.1 [500] (464 bytes)
    Apr 10 19:15:47 charon 08[IKE] <con2000|2>retransmit 2 of request with message ID 0

    The tunnel is working fine for days and dies suddenly without changing something.
    Please help :-)

    Kind regards</con2000|2></con2000|2>



  • Push. No Idea? Its really anoying to have a suddenly crashing tunnel :-(


  • Netgate

    Anyone who is having this problem running snort with blocking?

    Probably the endpoint getting blocked for some reason.



  • Good Morning,

    thanks for your answer. Actually i am using Snort. I will check the block list next time. Thank you for this idea.

    Kind regards



  • @derelict Perfect! Thanks! Snort was blocking the VPN Gateway. I whitelisted SID 122:23. It was triggered everytime i was playing Age of Empires II HD.