Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Packet loss and connection instability via IPSEC Tunnel after upgrade to 2.4.2

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 565 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      svnwremote
      last edited by

      I'm sorry if this has been asked before, if it has just point me to the right post and I'll contribute there.

      I have two pfSense installations running version 2.4.2 RELEASE-1, with an IPSec tunnel between the two. The tunnel works great until about 2:45 PM or 3:00 PM or so, at which point it starts disconnecting, reconnecting, re-authing, etc.

      This issue did not appear prior to version 2.4.2, as the tunnel had been active since May of 2017. It was only after the recent upgrade where this issue appeared.

      SITE A [ Primary ] runs on a 200/200MB Fiber Connection
      SITE B [ Secondary ] runs on a 200/15 MB Connection

      Pings leading out of WAN are not dropped at all, but every 6-10th ping over the tunnel from site a to site b, or vice versa is dropped.

      The log files indicate it's re-authing and attempting the reconnect. On both sites rekey is disabled, reauth is disabled and dead peer detection is not enabled.

      We are using AES 256 for P1 protocol w/ IKE 2, and ESP SHA 256 for P2. Both sites are configured identically, minus the IP Identifiers, etc.

      Anyone have thoughts on what could be causing this?

      1 Reply Last reply Reply Quote 0
      • J
        JOTS
        last edited by

        Sorry to dig up an old post, but I was wondering if you ever found a solution? I have have an ongoing problem very similar to yours and like you discovered, it only seems to affect my systems that are running 2.4.2 or later.

        Link to previously created thread.
        https://forum.pfsense.org/index.php?topic=143728.0

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.