Netgate Discussion Forum

    IPsec Site-to-Site drops after one hour

      DarekDan

      I have a pfSense appliance, running release 2.3.4 p1, which works fine for the most part. I have established a site-to-site IPsec connection to a Ubiquiti UniFi Security Gateway 3P, behind an Xfinity residential modem in bridge mode. The connection is quite stable for exactly an hour, after which time it "drops", meaning no additional packets will flow between the two sites; however, it still shows as established on the Status page for IPsec. A quick disconnect and reconnect works, but I should not have to do that every hour, right? What should I check to ensure that the connection stays up all the time?

        DarekDan

        So after changing the Phase 2 lifetime to 86400, the connection is staying up after the one-hour mark has passed. So the question is now, I believe, how can I ensure that Phase 2 key renegotiation succeeds every hour?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.