Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote Office can only have one tunnel up at a time

    Scheduled Pinned Locked Moved
    IPsec
    1
    2
    218
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rpsmith
      last edited by rpsmith

      Home office LAN: 192.168.10.0
      Home office OPT2: 10.1.12.0
      |
      Remote office LAN 192.168.40.0

      Both firewalls are on 2.4.5-RELEASE-p1 (amd64)

      I want both home office networks to be connected to the remote office LAN network so I created two phase 2 entries on both ends. The problem is they only work if only one of them is enabled at a time. If I enable both at the same time, only the top LAN to LAN tunnel shows connected and works. If I then disable the top phase 2 entry, the bottom home OPT2 to remote LAN starts working.

      Any help would be greatly appreciated. Roy...

      1 Reply Last reply Reply Quote 0
      • R
        rpsmith
        last edited by rpsmith

        Well this is beginning to look like a weird IPsec bug to me!

        Home Office Phase 2 Entries:
        192.168.10.0/24 to 192.168.40.0/24 ; Works!
        192.168.11.0/24 to 192.168.40.0/24 ; Works!
        10.1.12.0/24 to 192.168.40.0/24 ; Does Not Work

        Remote Office Phase 2 Entries:
        192.168.40.0/24 to 192.168.10.0/24 ; Works
        192.168.40.0/24 to 192.168.11.0/24 ; Works
        192.168.40.0/24 to 10.1.12.0/24 ; Does Not Work

        Update: The problem seems to be isolated to the remote office firewall as it has the same problem with a peer-to-peer OpenVPN tunnel and other remote offices work fine with both IPsec and OpenVPN tunnels in the same configuration.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post