IPsec doesn't detect the remote is down



  • I've snapshot 2.0-BETA3 built on Fri Jul 23 05:17:16 EDT 2010

    One of my remote site (SonicWall TZ170) internet is down.  But my pfsense still shows the tunnel is alive.  No event logged nor it trys to reestabilish the tunnel.

    I've enabled DPD and automatically pinging host to the SonicWall (the LAN address).

    -Raylund



  • DPD doesn't work correctly in the underlying ipsec-tools at the moment, so that would be the expected behavior (until the SA times out).


Log in to reply