Netgate Discussion Forum

    IPSEC tunnel between two sites not working as it should

DonZalmrol:

For about two years now I have had a site-to-site IPsec tunnel between my main site and my backup site.
Recently I've started with network segmentation (VLANs) on my main site (A). After a few months of running stably on site A, I decided to also implement this on my backup site (B).

After adjusting the IPsec configuration with a new phase 2 that allows traffic from site A (192.0.0.0/18) towards site B (192.0.64.0/18), it seems that the tunnel isn't working as it should.

I can RDP and VNC to the servers on site B, and from site B to the servers on site A. But when I try to access, let's say, the web interface of the switches on site B, I get blank pages, and I receive timeouts in PuTTY while I'm SSH'ed into the switch.

I also see DNS issues for my AD (MS Server 2016), and replication is acting very strangely.

Pings work with normal delays (+/- 20 ms).

The setup is as follows, on both site A and site B:

      • LAG with vlans

      • Interfaces assigned to LAG with corresponding vlan

      • Network settings set (e.g. interface address static)

• FW rules set to basic any-any; the same goes for IPsec

      -- removed images for privacy --

The switches are set up (to my knowledge) correctly and have inter-VLAN routing capability.

And it all worked before I implemented VLANs on site B. I feel I'm overlooking something, and it's driving me nuts.

      If someone encountered something similar or has some pointers they are really appreciated :)

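One check that is cheap to run before suspecting the firewall itself is whether the phase 2 traffic selectors actually cover every VLAN pair that has to cross the tunnel, and whether the local and remote selectors are disjoint. The script below is an added example and is not code from the post or from pfSense. The 192.0.0.0/18 to 192.0.64.0/18 phase 2 is the pair the post describes; the VLAN subnets at each site are constructed assumptions for illustration, and the helper names are mine.

```python
"""Check that IPsec phase 2 selectors cover the VLAN subnets that must cross a site-to-site tunnel.

Added example, not part of the original thread. The /18 pair below is the phase 2 described in the
post; the per-site VLAN subnets are constructed assumptions chosen to show one uncovered VLAN.
"""
import ipaddress

# Phase 2 entries as (local network, remote network), as seen from site A. Constructed input.
PHASE2 = [
    ("192.0.0.0/18", "192.0.64.0/18"),
]

# Hypothetical VLAN subnets per site. 192.0.200.0/24 deliberately falls outside 192.0.64.0/18.
SITE_A_VLANS = {"servers": "192.0.10.0/24", "mgmt": "192.0.20.0/24"}
SITE_B_VLANS = {"servers": "192.0.70.0/24", "mgmt": "192.0.80.0/24", "guest": "192.0.200.0/24"}


def _net(cidr):
    # strict=True rejects host bits set in the prefix, a common typo in phase 2 entries.
    return ipaddress.ip_network(cidr, strict=True)


def selector_covers(phase2, src_cidr, dst_cidr):
    """True if some (local, remote) entry contains src_cidr in local and dst_cidr in remote."""
    src, dst = _net(src_cidr), _net(dst_cidr)
    return any(src.subnet_of(_net(local)) and dst.subnet_of(_net(remote))
               for local, remote in phase2)


def uncovered_vlan_pairs(phase2, site_a_vlans, site_b_vlans):
    """Return [(a_vlan_name, b_vlan_name)] for VLAN pairs no phase 2 selector matches.

    Traffic between such a pair never enters the tunnel, so it is routed (or dropped) as if
    the tunnel did not exist, even though other pairs across the same tunnel work fine.
    """
    missing = []
    for a_name, a_cidr in site_a_vlans.items():
        for b_name, b_cidr in site_b_vlans.items():
            if not selector_covers(phase2, a_cidr, b_cidr):
                missing.append((a_name, b_name))
    return missing


def overlapping_selectors(phase2):
    """Return the (local, remote) entries whose two networks overlap.

    An overlap means the same address could be both 'local' and 'remote' to the tunnel,
    which makes routing ambiguous; the ranges on each side should be disjoint.
    """
    return [(local, remote) for local, remote in phase2 if _net(local).overlaps(_net(remote))]


def report(phase2, site_a_vlans, site_b_vlans):
    """Return a list of human-readable findings (empty list means nothing to fix)."""
    findings = []
    for local, remote in overlapping_selectors(phase2):
        findings.append(f"phase 2 local {local} overlaps remote {remote}")
    for a_name, b_name in uncovered_vlan_pairs(phase2, site_a_vlans, site_b_vlans):
        findings.append(f"no phase 2 covers site A '{a_name}' -> site B '{b_name}'")
    return findings


if __name__ == "__main__":
    for line in report(PHASE2, SITE_A_VLANS, SITE_B_VLANS) or ["all VLAN pairs covered"]:
        print(line)
```

Run against the constructed input it reports that the site B "guest" VLAN is reachable from neither site A VLAN, because 192.0.200.0/24 is outside the 192.0.64.0/18 remote selector; everything else is covered and the two selectors do not overlap. Replace the dictionaries with the real VLAN subnets from both sites to apply the same check to a live configuration.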
DonZalmrol:

        Issue resolved!

Believe it or not, it was a f****** reboot that solved it...
Probably the firewall still had some old caches or something still in its memory...

© 2021 Rubicon Communications, LLC