IPSEC BOVPN Timeout
-
Hi Guys
is the attached screenshot the reason why my IPSEC VPN requires to be disconnected and reconnected through out the day for connection to be available as i keep having to do this to reconnect the two peers.
-
From that screenshot it appears you have disabled both rekey and reauthentication. So when the P1 expires (at most every 8 hours, likely about 1/2 to 2/3 that time) it can't renegotiate a new P1.
The exact method to solve this depends on the tunnel configuration and what the other side supports. Generally speaking, however, you should have a positive value in either rekey or reauth time.
See the recommendations for values here for a good guide:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/ipsec-duplicate-sa.html
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.