IPsec configuration files lost after reboot.
-
@artemis Hay
To help you answer the questions
Sorry for my English- during PF booting there is a message "Configuring IPsec VPN...done" ?
- After booting there is in the /var/etc/ipsec/ file strongswan.conf ?
- IFCONFIG shows that there is an enc0 interface after booting?
-
@Konstanti Hello and thank you for your reply.
- It shows that the IPsec VTI interface is done( Nothing about IPsec VPN and i saw the L2TP vpn configured ok)
2)There is no ipsec folder inside etc :( (It shows the l2tp but not the ipsec)
3)Yes there is an enc0 after booting.
- It shows that the IPsec VTI interface is done( Nothing about IPsec VPN and i saw the L2TP vpn configured ok)
-
@artemis enc0 UP or DOWN ?? after booting
-
It seems to be down.
-
@artemis This means that IPSEC is not enabled at boot time
Or missing phase 1
Or phase 1 is disabled -
This post is deleted! -
@konstanti Try to set IKEV2without the l2tp/IPSEC
From the documentation
We strongly recommend using another solution such as IKEv2 instead of L2TP/IPsec. -
-
@artemis Unfortunately, nothing is visible
-
@artemis https://www.netgate.com/docs/pfsense/book/ipsec/mobile-ipsec.html
-
Ok. To describe it, am showing you that the phase1 is enabled from the gui and the interface is not up.
-
@artemis
When booting the PF checks whether it is enabled to initialize IPSEC
If not , enc0 set to down
And files strongswan.conf, ipsec.conf,..... not createdTry to configure access using IKEV2 without l2tp
-
Ok how can i say to my pfsense to check the IPsec on the boot, because as i told you before it doesnt check it. My remote hosts do not support ikev2
-
@artemis he picture shows that phase 1 is disabled from gui (your configuration)
Phase 1 is enabled (my configuration)
-
Right now i am feeling that i want to dig a hole and put myself in. I thought that green (Enabled) was the status of the phase 1. Omg and the worst part is that i am a network engineer(CCNP). OMG. Thank you very much.
-
@artemis said in IPsec configuration files lost after reboot.:
I thought that green (Enabled) was the status of the phase 1.
There is a big difference between Enable and Enabled.
-
Just a comment to say something Grimson?
-
@artemis Is it loading correctly now ? ))))))
-
Yes everything is fine right know. Thank you for your help
-
@artemis At the time , too, wanted to go to study at Cisco engineer, but could not . Glad to have helped ))))) good Luck