IPSec Status fill up with any any entries

  • Dear Community,
    I have several site-to-site IPSec tunnel up and running. Also there is a Dial-In connection for mobile Clients. Everything works as expected.

    The Problem is that on the IPSec Status Page with the time there are more and more entries as below:

    Any identifier %any Any identifier %any IKEv1 responder seconds (-) CREATED

    After a reboot they're gone but after a bit of runtime they're coming back and fill up again this page. After a couple of weeks it is hard to find the right connections.

    Is it right that IVEv1 responder means that there is a answered IPSec request from the internet that cannot be established? If so, how can i prevent? All my tunndels have local and remote key id in Phase 1 so from my perspective "any" client connect should't show up?

    PFsense Error Image

    Any idea how to solve this issue is welcome, thanks in advance.


Log in to reply