Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPsec VTI establish automatically

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 612 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michmoor LAYER 8 Rebel Alliance
      last edited by michmoor

      Is there a way to have VTI tunnels reestablished automatically? I reboot a remote end but the tunnel doesnt establish until i force p1/p2 connectivity.

      Of course this option below doesnt apply.
      99cf5d24-166d-4e64-b024-956e082378cb-image.png

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @michmoor
        last edited by

        @michmoor nevermind, i think..

        b411cee3-45e8-4a3c-939b-dc8e2ae0050c-image.png

        Setting right below the ping host option. I think this should work here.

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        M 1 Reply Last reply Reply Quote 1
        • M
          michmoor LAYER 8 Rebel Alliance @michmoor
          last edited by

          Does this just enable DPD behind the scenes?

          Firewall: NetGate,Palo Alto-VM,Juniper SRX
          Routing: Juniper, Arista, Cisco
          Switching: Juniper, Arista, Cisco
          Wireless: Unifi, Aruba IAP
          JNCIP,CCNP Enterprise

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            No DPD is a separate function.

            https://github.com/pfsense/pfsense/blob/master/src/usr/local/bin/ipsec_keepalive.php

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.