ipsec connection got unstable (dropping after 20s) after upgrade to 2.6.0
-
hello, after upgrade of pfsense from 2.4.5_1 to 2.6.0, we have problem with one of our ipsec connectivity to customer site.
the connection worked without any problems before.
the connection gets initiated and data transfer is possible, but the connection is always getting dropped again after 20 seconds.
what could explain this behaviour ?
Feb 21 09:35:03 fwbn02 charon[8330]: 09[IKE] <con4|21408> IKE_SA con4[21408] established between <ip hidden>[<ip hidden>]...<ip hidden>[<ip hidden>]
Feb 21 09:35:03 fwbn02 charon[8330]: 11[IKE] <con4|21408> CHILD_SA con4_37{182168} established with SPIs c9c806e0_i 180b44b8_o and TS <ip hidden>/32|<ip hidden>/23 === <ip hidden>/16|/0
Feb 21 09:35:20 fwbn02 charon[8330]: 06[KNL] creating delete job for CHILD_SA ESP/0xc54e5a0c/<ip hidden>
Feb 21 09:35:20 fwbn02 charon[8330]: 06[KNL] creating delete job for CHILD_SA ESP/0x1ebe399a/<ip hidden>
Feb 21 09:35:20 fwbn02 charon[8330]: 15[IKE] <con9|18221> closing expired CHILD_SA con9_4{180662} with SPIs c54e5a0c_i 1ebe399a_o and TS <ip hidden>/32|<ip hidden>/24 === <ip hidden>/24|/0
Feb 21 09:35:20 fwbn02 charon[8330]: 15[KNL] <con9|18221> unable to delete SAD entry with SPI c54e5a0c: No such process (3)
Feb 21 09:35:20 fwbn02 charon[8330]: 15[KNL] <con9|18221> unable to delete SAD entry with SPI 1ebe399a: No such process (3)
Feb 21 09:35:20 fwbn02 charon[8330]: 01[JOB] CHILD_SA ESP/0x1ebe399a/<ip hidden> not found for delete
Feb 21 09:35:23 fwbn02 charon[8330]: 01[IKE] <con4|21408> closing CHILD_SA con4_37{182168} with SPIs c9c806e0_i (0 bytes) 180b44b8_o (0 bytes) and TS <ip hidden>/32|<ip hidden>/23 === <ip hidden>|/0
Feb 21 09:35:23 fwbn02 charon[8330]: 07[IKE] <con4|21408> deleting IKE_SA con4[21408] between <ip hidden>[<ip hidden>]...<ip hidden>[<ip hidden>]