Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC disconnect after 1 minute

    Scheduled Pinned Locked Moved IPsec
    5 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      danielino1981
      last edited by danielino1981

      Goodmorning everyone
      I created an ipsec

      SITE 1:

      pfSense:

      2.3.4-RELEASE-p1 (amd64)
      built on Fri Jul 14 14:52:43 CDT 2017
      FreeBSD 10.3-RELEASE-p19

      SITE 2:

      ZYWALL USG 100

      This Vpn connects but after a minute I have a disconnection.

      This is the log

      Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3)
      Apr 3 12:14:23 charon 05[IKE] <con1|5> initiating Main Mode IKE_SA con1[5] to 93.186.247.188
      Apr 3 12:14:23 charon 05[ENC] <con1|5> generating ID_PROT request 0 [ SA V V V V V ]
      Apr 3 12:14:23 charon 05[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:14:24 charon 07[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
      Apr 3 12:14:24 charon 07[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:14:27 charon 09[IKE] <con1|5> sending retransmit 1 of request message ID 0, seq 1
      Apr 3 12:14:27 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:14:34 charon 09[IKE] <con1|5> sending retransmit 2 of request message ID 0, seq 1
      Apr 3 12:14:34 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:14:47 charon 15[IKE] <con1|5> sending retransmit 3 of request message ID 0, seq 1
      Apr 3 12:14:47 charon 15[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:15:10 charon 09[IKE] <con1|5> sending retransmit 4 of request message ID 0, seq 1
      Apr 3 12:15:10 charon 09[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:15:39 charon 15[IKE] <con1|7> giving up after 5 retransmits
      Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3)
      Apr 3 12:15:39 charon 15[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
      Apr 3 12:15:39 charon 15[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
      Apr 3 12:15:39 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:15:43 charon 12[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
      Apr 3 12:15:43 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:15:51 charon 10[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
      Apr 3 12:15:51 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:15:52 charon 12[IKE] <con1|5> sending retransmit 5 of request message ID 0, seq 1
      Apr 3 12:15:52 charon 12[NET] <con1|5> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:16:03 charon 10[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
      Apr 3 12:16:03 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:16:27 charon 12[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
      Apr 3 12:16:27 charon 12[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:17:08 charon 12[IKE] <con1|5> giving up after 5 retransmits
      Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding
      Apr 3 12:17:09 charon 10[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
      Apr 3 12:17:09 charon 10[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:18:24 charon 09[IKE] <con1|7> giving up after 5 retransmits
      Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3)
      Apr 3 12:18:24 charon 09[IKE] <con1|7> initiating Main Mode IKE_SA con1[7] to
      Apr 3 12:18:24 charon 09[ENC] <con1|7> generating ID_PROT request 0 [ SA V V V V V ]
      Apr 3 12:18:24 charon 09[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:18:28 charon 16[IKE] <con1|7> sending retransmit 1 of request message ID 0, seq 1
      Apr 3 12:18:28 charon 16[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:18:36 charon 08[IKE] <con1|7> sending retransmit 2 of request message ID 0, seq 1
      Apr 3 12:18:36 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:18:49 charon 08[IKE] <con1|7> sending retransmit 3 of request message ID 0, seq 1
      Apr 3 12:18:49 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:19:12 charon 15[IKE] <con1|7> sending retransmit 4 of request message ID 0, seq 1
      Apr 3 12:19:12 charon 15[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:19:54 charon 08[IKE] <con1|7> sending retransmit 5 of request message ID 0, seq 1
      Apr 3 12:19:54 charon 08[NET] <con1|7> sending packet: from [500] to [500] (180 bytes)
      Apr 3 12:21:10 charon 15[IKE] <con1|7> giving up after 5 retransmits
      Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not responding

      Another strange thing

      From my Zywall I connect in ipsec to pfsense

      But from my pfsense if I click connect in IPSEC I can't connect

      Thank you all

      K 1 Reply Last reply Reply Quote 0
      • D
        danielino1981
        last edited by danielino1981

        6e2c4619-cdec-4112-a843-d88ebfd81ded-immagine.png

        After 60 seconds

        53e40e4b-5c50-4cf6-af70-fd106db2ce27-immagine.png

        1 Reply Last reply Reply Quote 0
        • K
          Konstanti @danielino1981
          last edited by

          @danielino1981 said in IPSEC disconnect after 1 minute:

          ZYWALL USG 100

          Hi
          You need to check your ZyWALL USG 100 settings
          This device does not respond to requests (500 port)

          Apr 3 12:14:23 charon 05[IKE] <con1|5> peer not responding, trying again (3/3)
Apr 3 12:15:39 charon 15[IKE] <con1|7> peer not responding, trying again (2/3)
Apr 3 12:17:08 charon 12[IKE] <con1|5> establishing IKE_SA failed, peer not responding
Apr 3 12:18:24 charon 09[IKE] <con1|7> peer not responding, trying again (3/3)
Apr 3 12:21:10 charon 15[IKE] <con1|7> establishing IKE_SA failed, peer not responding
          1 Reply Last reply Reply Quote 0
          • D
            danielino1981
            last edited by

            Vpn started.
            In this moment work!
            Thanksss!

            1 Reply Last reply Reply Quote 0
            • D
              danielino1981
              last edited by

              Another question.
              I have a client that connects from the outside, and needs to connect with a vpn to the existing ipsec.
              What vpn should I create on Pfsense?

              L2TP?

              Is there any guide?

              Thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.