Multiple IPsec Phase2 connections - No link

  • Hello everyone,

    I have the following problem with an IPsec connection on a pfSense:

    Initial situation:

    • 1x phase 1
    • 2x phase 2 (two IP circuits)

    At irregular intervals, Phase 2 builds up several times and a link via the VPN is no longer possible.

    Disconnecting and reconnecting the connection will then bring about a short-term improvement.

    Thanks in advance.


  • As jimp wrote, set your tunnel to the following modes:

    Side 1: IKEv2, Rekey configured, Reauth disabled, child SA close action set to restart/reconnect
    Side 2: IKEv2, Rekey configured, Reauth disabled, responder only set, child SA close action left at default (clear)

    See also:

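The two-sided settings from the reply above, written out as strongSwan `swanctl.conf` fragments (the format pfSense generates from its GUI). This is an added example, not configuration posted in the thread: the connection and child names, subnets and lifetimes are constructed placeholders, and the mapping of the GUI options to these keys is an assumption.

```conf
# ---- Side 1: initiates and re-establishes the tunnel (constructed values) ----
connections {
    to-side2 {
        version = 2                  # IKEv2
        rekey_time = 24h             # Rekey configured for the IKE SA
        reauth_time = 0s             # Reauth disabled
        children {
            net-a {
                local_ts = 10.1.1.0/24
                remote_ts = 10.2.0.0/24
                rekey_time = 1h      # Rekey configured for the child SA
                start_action = start
                close_action = start # child SA close action: restart/reconnect
            }
            net-b {
                local_ts = 10.1.2.0/24
                remote_ts = 10.2.0.0/24
                rekey_time = 1h
                start_action = start
                close_action = start
            }
        }
    }
}

# ---- Side 2: responder only, never initiates (constructed values) ----
connections {
    to-side1 {
        version = 2
        rekey_time = 24h
        reauth_time = 0s
        children {
            net-a {
                local_ts = 10.2.0.0/24
                remote_ts = 10.1.1.0/24
                rekey_time = 1h
                start_action = none  # responder only
                close_action = none  # child SA close action: default (clear)
            }
            net-b {
                local_ts = 10.2.0.0/24
                remote_ts = 10.1.2.0/24
                rekey_time = 1h
                start_action = none
                close_action = none
            }
        }
    }
}
```

With this split only Side 1 ever brings a child SA up, so each of the two phase 2 entries has a single owner for re-establishment.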