IPSEC VPN Stops passing traffic
-
Hi All, I wasn't sure if this should be in here but since it's an issue that affected our IPSEC VPN connected users I figured here would be as good a place to start than anywhere else.
Ok so we have a Netgate SG-3100 running 2.4.4-RELEASE-p3 with an Ipsec VPN configured which has been working absolutely fantastically on our 70/15mbps broadband connection, supporting about 30 users without any problems.
Then last night at 16:40 (ish) I lost my RDP connection to my PC at work and the phone started ringing. No one could RDP to their PC's even though their VPN connections claimed to be connected. I disconnected and reconnected without any difficulty.. (We have a Windows 2019 NPS server doing the user authentication). I couldn't ping any internal network devices at all.
Curiously I was able to access our Owncloud web service (via our external IP address) but that was about all I could do.
As a last "dunno what else to do" I restarted the Netgate and service was then resumed.
I appreciate this may be lacking in some detail, but I'd really like to know what happened. So can anyone tell me where to start looking? (checked the logs but nothing obvious there) and any idea what might have caused the issue ?
Is there some sort of hard stop buffer that only gets cleared by periodic restarts?
I'm happy to consider anything including solar flares and foreign state based hacking at this stage :-)
-
@cre8toruk Sorry I should add that from the office everything was fine... Internet access fine, RDP to any machine was also fine.
I got a teamviewer connection onto a PC and could get to the netgate to reboot it tooo.
-
@cre8toruk I'm having a similar issue with 2 different sites with a 5100 and 7100. They're both on the same ISP, and a tech there has indicated there's a firmware glitch with the modems affecting VPN / VoIP traffic... Everthing else works, pings through vpn, vpn doesn't drop, internet slows down a lot - but still up. SMB and Domain Auth seems to be affected the most. Reseting the modem seems to fix the issue for a while, but then it'll stop working for SMB shares usually some random time later.
Have you had any luck finding your issue?