IPSec VPN PFSense and Palo Alto
-
I have an IPSec VPN, my side it's a PFSense and the other it's a Palo Alto. Since the configuration, everything was ok, the tunnels and the traffic was ok, but a few hours later the Palo Alto side stops working. The PFSense side everything it's working. Sometimes I restart the service, disable and enable the IPSec and it works, but latterly restart the service or disable/enable the IPSec in PF Sense's side it's not working anymore , actually the situation became worst because when I disable and enable the IPSec, the connection is no longer established (bellow some log systems erros):
Oct 20 14:09:51 php-fpm 4335 /vpn_ipsec.php: O comando '/usr/local/sbin/strongswanrc stop' retornou o código de saída '1', a saída foi 'strongswan not running? (check /var/run/daemon-charon.pid).'
Oct 20 14:09:53 check_reload_status 378 Reloading filter
Oct 20 14:11:19 check_reload_status 378 Syncing firewall
Oct 20 14:11:22 check_reload_status 378 Reloading filter
Oct 20 14:11:25 check_reload_status 378 Reloading filter
Oct 20 14:11:26 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (20 occurrences)
Oct 20 14:14:26 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (6 occurrences)
Oct 20 14:17:33 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (11 occurrences)
Oct 20 14:19:07 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (16 occurrences)
Oct 20 14:20:10 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (11 occurrences)
Oct 20 14:20:48 check_reload_status 378 Syncing firewall
Oct 20 14:20:50 check_reload_status 378 Reloading filter
Oct 20 14:20:50 php-fpm 73599 /vpn_ipsec.php: O comando '/usr/local/sbin/strongswanrc stop' retornou o código de saída '1', a saída foi 'strongswan not running? (check /var/run/daemon-charon.pid).'
Oct 20 14:20:52 check_reload_status 378 Reloading filter
Oct 20 14:28:55 check_reload_status 378 Syncing firewall
Oct 20 14:28:57 check_reload_status 378 Reloading filter
Oct 20 14:29:01 check_reload_status 378 Reloading filter
Oct 20 14:29:02 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (7 occurrences)
Oct 20 14:29:33 php-fpm 73599 /status_services.php: Recarregamento forçado IPSec
Oct 20 14:29:33 check_reload_status 378 Reloading filter
Oct 20 14:33:13 php-fpm 4335 /status_services.php: Recarregamento forçado IPSec
Oct 20 14:33:13 check_reload_status 378 Reloading filter
Oct 20 14:33:19 kernel sonewconn: pcb 0xe1892300: Listen queue overflow: 5 already in queue awaiting acceptance (6 occurrences)