VPN S2S Azure PFSense



  • Pessoal, estou tendo problemas com uma VPN S2S com a Azure, tenho 3 ambientes semelhantes, porém uma da erro e eu não sei mais como tratar.

    Meu log é o seguinte no exato momento da desconexão.

    Sep 11 15:13:37 charon 13[ENC] <con2|1476> parsed CREATE_CHILD_SA request 12 [ SA No TSi TSr ]
    Sep 11 15:13:37 charon 13[IKE] <con2|1476> traffic selectors 10.0.0.0/16|/0 === 172.16.0.0/32|/0 inacceptable
    Sep 11 15:13:37 charon 13[IKE] <con2|1476> failed to establish CHILD_SA, keeping IKE_SA
    Sep 11 15:13:37 charon 13[ENC] <con2|1476> generating CREATE_CHILD_SA response 12 [ N(TS_UNACCEPT) ]
    Sep 11 15:13:37 charon 13[NET] <con2|1476> sending packet: from IP_EXTERNO_LOCAL[500] to IP_EXTERNO_AZURE[500] (76 bytes)
    Sep 11 15:14:38 charon 12[NET] <con2|1476> received packet: from IP_EXTERNO_AZURE[500] to IP_EXTERNO_LOCAL[500] (396 bytes)
    Sep 11 15:14:38 charon 12[ENC] <con2|1476> parsed CREATE_CHILD_SA request 13 [ SA No TSi TSr ]
    Sep 11 15:14:38 charon 12[IKE] <con2|1476> traffic selectors 10.0.0.0/16|/0 === 172.16.0.0/32|/0 inacceptable
    Sep 11 15:14:38 charon 12[IKE] <con2|1476> failed to establish CHILD_SA, keeping IKE_SA
    Sep 11 15:14:38 charon 12[ENC] <con2|1476> generating CREATE_CHILD_SA response 13 [ N(TS_UNACCEPT) ]
    Sep 11 15:14:38 charon 12[NET] <con2|1476> sending packet: from IP_EXTERNO_LOCAL[500] to IP_EXTERNO_AZURE[500] (76 bytes)
    Sep 11 15:15:54 charon 01[IKE] <con2|1476> sending DPD request
    Sep 11 15:15:54 charon 01[ENC] <con2|1476> generating INFORMATIONAL request 2 [ ]
    Sep 11 15:15:54 charon 01[NET] <con2|1476> sending packet: from IP_EXTERNO_LOCAL[500] to IP_EXTERNO_AZURE[500] (76 bytes)
    Sep 11 15:15:54 charon 01[NET] <con2|1476> received packet: from IP_EXTERNO_AZURE[500] to IP_EXTERNO_LOCAL[500] (76 bytes)
    Sep 11 15:15:54 charon 01[ENC] <con2|1476> parsed INFORMATIONAL response 2 [ ]
    Sep 11 15:15:55 charon 11[NET] <con2|1476> received packet: from IP_EXTERNO_AZURE[500] to IP_EXTERNO_LOCAL[500] (76 bytes)
    Sep 11 15:15:55 charon 11[ENC] <con2|1476> parsed INFORMATIONAL request 14 [ D ]
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> received DELETE for ESP CHILD_SA with SPI 036ed24a
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> closing CHILD_SA con2{2705} with SPIs c6908694_i (11986741 bytes) 036ed24a_o (8697024 bytes) and TS 10.0.0.0/16|/0 === 172.16.1.0/24|/0
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> sending DELETE for ESP CHILD_SA with SPI c6908694
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> CHILD_SA closed
    Sep 11 15:15:55 charon 11[ENC] <con2|1476> generating INFORMATIONAL response 14 [ D ]
    Sep 11 15:15:55 charon 11[NET] <con2|1476> sending packet: from IP_EXTERNO_LOCAL[500] to IP_EXTERNO_AZURE[500] (76 bytes)
    Sep 11 15:15:55 charon 11[NET] <con2|1476> received packet: from IP_EXTERNO_AZURE[500] to IP_EXTERNO_LOCAL[500] (76 bytes)
    Sep 11 15:15:55 charon 11[ENC] <con2|1476> parsed INFORMATIONAL request 15 [ D ]
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> received DELETE for IKE_SA con2[1476]
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> deleting IKE_SA con2[1476] between IP_EXTERNO_LOCAL[IP_EXTERNO_LOCAL]...IP_EXTERNO_AZURE[IP_EXTERNO_AZURE]
    Sep 11 15:15:55 charon 11[IKE] <con2|1476> IKE_SA deleted
    Sep 11 15:15:55 charon 11[ENC] <con2|1476> generating INFORMATIONAL response 15 [ ]
    Sep 11 15:15:55 charon 11[NET] <con2|1476> sending packet: from IP_EXTERNO_LOCAL[500] to IP_EXTERNO_AZURE[500] (76 bytes)
    Sep 11 15:16:02 charon 10[CFG] received stroke: terminate 'con2'
    Sep 11 15:16:02 charon 10[CFG] no IKE_SA named 'con2' found

    A desconexão é aleatória

    Versão 2.3.4-RELEASE-p1 (amd64)
    built on Fri Jul 14 14:52:43 CDT 2017
    FreeBSD 10.3-RELEASE-p19