IPSEC tunnel goes down every day



  • A month ago I switched our company's firewalls over to pfSense.

    Everything was working fine for a month until two days ago, when the IPsec tunnel went down after work hours. I found out about this the next day and tried to get it working again, but suddenly the tunnel came up again. The same thing happened the next day. I cannot figure out what the problem is.

    The tunnel works from around 08:45 - 09:00 until around 17:00 - 17:15 and then refuses to reestablish before 08:45 - 09:00 in the morning.

    Here is the IPsec config on SITE_A. SITE_B is identical, with only the IPs changed.

    conn con1000
        fragmentation = yes
        keyexchange = ikev2
        reauth = yes
        forceencaps = no
        mobike = no
    
        rekey = yes
        installpolicy = yes
        type = tunnel
        dpdaction = restart
        dpddelay = 10s
        dpdtimeout = 60s
    
        auto = route
        left = SITE_A_IP
        right = SITE_B_IP
        leftid = SITE_A_IP
        ikelifetime = 28800s
        lifetime = 3600s
        ike = aes256-sha256-modp2048!
        esp = aes256gcm128-sha256-modp2048!
        leftauth = psk
        rightauth = psk
        rightid = SITE_B_IP
        rightsubnet = 192.168.1.1/24
        leftsubnet = 192.168.10.0/24
    

    Any help would be appreciated.



  • @MarekORDI

    I will add logs from this morning. The last connection was successful, but before that it failed.

    IPSEC_log.txt



  • Found out the cause. The ISP was suddenly blocking the connection for no apparent reason.

