IPSec Mobile Clients + Site2Site VPN doesn´t work

  • Hi,

    I have setup three IPSec Tunnels on the same interface and same IP:

    • First tunnel,  "Mode Aggressive" für Mobile Clients

    • Second tunnel, "Mode Aggressive" to Sonicwall NSA Appliance

    • Third tunnel, "Mode Main" to AVM Fritzbox (DynDns)

    • Each tunnels works fine if I disable the other two.

    • If I disable the "Mobile Client" tunnel, the both other to Sonicwall and AVM Fritzbox do work.

    • But if I enable all three, the third tunnel to AVM Fritzbox doesn´t come up. The Fritzbox shows the tunnel as green even in the log is a IKE-Error 0x2027, the PFSense shows it permanently as "connecting" but it doesn´ come up and work.

    In the PFSense IPSEC Log i can find the several messages likefollowing entries:

    15[IKE] <con5000|3>sending retransmit 2 of request message ID 0, seq 1

    The retransmit value counts up (to 5)
    Is it a timeout issue?

    At the same time i get the message: CARP Sync generates Errors: A communications error occurred while attempting XMLRPC sync.
    Screenshots attached.

    Any Ideas?


  • Nobody an idea?

Log in to reply