IPSec tunnel failures after upgrade to 1.2.3
-
We have several IPSec tunnels established between our central pfSense firewall and remote employees with different Netgear firewalls. These tunnels have been running for at least a year or more without any major issues. Ever since we upgraded pfSense to version 1.2.3, we have been having issues with the tunnels dropping after the timeout values expire. The only way to get them going again is to disable the tunnel on both sides and then re-enable them. We do have a couple of pfSense to pfSense tunnels that stay up and do not require manual intervention. It is only the tunnels to Netgear devices that are failing.
We have not been able to find any reference to this as a known bug but are hoping someone may have an idea on how to resolve the issue.
-kg
-
On pfSense, try to enable "Prefer old IPsec SAs" under the advanced options. I have to enable this when talking to some other routers (Linksys, Watchguard, etc.).
-
Thanks, I will try that and see what happens.
-kg