pfSense 2.5 Multiple Phase 1 not working
-
Hi Guys,
With pfSense 2.4.5 it was possible to have two phase 1 IPSecs: one for site-to-site and one for mobile. Since I updated to 2.5 today, that doesn't work anymore. The iOS client always reports the wrong shared secret, although it is definitely correct. If I deactivate the site-to-site IPSec, the connection works via the iOS client. Unfortunately the site-to-site connection is no longer available.
Does anyone have any ideas how I can solve the problem?
-
Both can coexist OK on 2.5.0/21.02, but something in your settings may be causing that. You need to provide a lot more information about your configuration, plus connection logs when it does/doesn't work to compare what happens.
Typically that kind of thing happens when there is some overlap in the remote addresses on the tunnel or if the identifiers can't be matched.
There are also a few known issues in 2.5.0 which could affect this; look at the other threads here in the IPsec category for a list of patches to try.