IPsec VPN, a probable bug (in pfSense or Windows) - after the IP lease time is over the computer cannot send messages in tunnels



  • I set up an IPsec VPN with tunnels. After working for several hours it stopped accepting traffic from the local network until I restart the computers in the local network. pfSense forgets its local network and does not send traffic in the IPsec tunnels. After a computer is rebooted, it remembers that the computer is one of its local members to send traffic in the IPsec tunnels.

    How can I make pfSense not forget the local network that can send traffic in the tunnels?

    Restarting the server so that it introduces itself as a client of IPsec tunnel traffic takes a long time.



  • I have removed the static IP from the DHCP leases and it has been working for more than 24 hours without a problem.

    When the server had a static IP, the lease time was empty, so it should have a default value of 7200 seconds. Probably, after the lease time is over, the computer which leased the IP does not send the message to re-lease the same IP because of some problem.

    I don't know if it is possible to make pfSense check if the computer that leased a static IP is still active or not to delete the static IP record in the lease table.

    The computer was a Windows Server 2012 R2. Do I need to make any configuration in Windows to make it re-request another lease of the same IP?



  • To remind DHCP that the computer is in the LAN subnet, if the first call to the web services of the remote site fails, I force the client machine to release and renew its IP address with ipconfig /release and ipconfig /renew, and this starts tunnel traffic again.

    Details are here:
    https://forum.netgate.com/topic/137237/pfsense-2-4-4-lan-interface-stops-routing-traffic-stops-working-after-some-minutes-sometimes-hours
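
The release-and-renew workaround from the last post, as an added PowerShell example that is not part of the original thread. It also logs each adapter's DHCP lease times before and after the renew, so failures can be compared against lease expiry. The service URL, the log path and the function names are assumptions.

```powershell
# Added example: watchdog for the release/renew workaround described above.
param(
    [string]$ServiceUrl = 'https://remote-site.example/service', # placeholder URL, not from the thread
    [string]$LogPath    = "$env:ProgramData\tunnel-watchdog.log", # assumed log location
    [int]$TimeoutSec    = 10
)

function Test-RemoteService {
    # $true when the remote web service answers through the tunnel.
    try {
        Invoke-WebRequest -Uri $ServiceUrl -UseBasicParsing -TimeoutSec $TimeoutSec | Out-Null
        return $true
    } catch {
        # An HTTP error status still proves the tunnel carried the request.
        return ($null -ne $_.Exception.Response)
    }
}

function Get-LeaseState {
    # One log line per IP-enabled adapter with its DHCP lease details.
    $fmt = '{0} dhcp={1} ip={2} server={3} obtained={4:s} expires={5:s}'
    Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        ForEach-Object {
            $fmt -f $_.Description, $_.DHCPEnabled, ($_.IPAddress -join ','),
                $_.DHCPServer, $_.DHCPLeaseObtained, $_.DHCPLeaseExpires
        }
}

function Write-Log([string]$Message) {
    Add-Content -Path $LogPath -Value ('{0:s} {1}' -f (Get-Date), $Message)
}

if (Test-RemoteService) { exit 0 }   # tunnel traffic works, nothing to do

Write-Log 'service unreachable; lease state before renew:'
Get-LeaseState | ForEach-Object { Write-Log "  $_" }

# The workaround from the thread: release and renew the DHCP lease.
ipconfig /release | Out-Null
ipconfig /renew   | Out-Null

Write-Log 'lease state after renew:'
Get-LeaseState | ForEach-Object { Write-Log "  $_" }

if (Test-RemoteService) { Write-Log 'service reachable after release/renew'; exit 0 }
Write-Log 'service still unreachable after release/renew'
exit 1
```

Run it locally, for example from a scheduled task, because releasing the lease drops any remote session to the machine.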