Packet loss and connection instability via IPSEC Tunnel after upgrade to 2.4.2



  • I'm sorry if this has been asked before; if it has, just point me to the right post and I'll contribute there.

    I have two pfSense installations running version 2.4.2 RELEASE-1, with an IPSec tunnel between the two. The tunnel works great until about 2:45 PM or 3:00 PM or so, at which point it starts disconnecting, reconnecting, re-authing, etc.

    This issue did not appear prior to version 2.4.2, as the tunnel had been active since May of 2017. It was only after the recent upgrade that this issue appeared.

    SITE A [ Primary ] runs on a 200/200MB Fiber Connection
    SITE B [ Secondary ] runs on a 200/15 MB Connection

    Pings leading out of WAN are not dropped at all, but every 6-10th ping over the tunnel from Site A to Site B, or vice versa, is dropped.

    The log files indicate it's re-authing and attempting the reconnect. On both sites rekey is disabled, reauth is disabled and dead peer detection is not enabled.

    We are using AES 256 for P1 protocol w/ IKE 2, and ESP SHA 256 for P2. Both sites are configured identically, minus the IP Identifiers, etc.

    Anyone have thoughts on what could be causing this?



  • Sorry to dig up an old post, but I was wondering if you ever found a solution? I have an ongoing problem very similar to yours and, like you discovered, it only seems to affect my systems that are running 2.4.2 or later.

    Link to previously created thread.
    https://forum.pfsense.org/index.php?topic=143728.0