No IP refreshing on IPSEC tunnels against Dynamic DNS names? x86



  • Hello boys, I had a Cisco 877 connected using IPSEC against a pfSense 1.2.3 like a charm. The Cisco has a dynamic public IP that refreshes a DynDNS hostname, and I use that hostname for the config on both sides of the IPSEC VPN.

    I updated to 2.0 and noticed that the tunnel config uses the IP address and doesn't refresh it. Each time it changes I have to go into the pfSense Phase 1 and save it; then in the logs I saw that it rewrites the config with the new IP, with 1 output.

    vpn_ipsec.php: The command '/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config' returned exit code '1', the output was ''

    It says that the previous IP and the new IP are the same, but I don't believe it.
    I don't know exactly what's happening, but this tunnel stops working, and with 1.2.3 it never went down.

    Has anyone experienced something like this?



  • @kaneda:

    Hello boys, I had a Cisco 877 connected using IPSEC against a pfSense 1.2.3 like a charm. The Cisco has a dynamic public IP that refreshes a DynDNS hostname, and I use that hostname for the config on both sides of the IPSEC VPN.

    I updated to 2.0 and noticed that the tunnel config uses the IP address and doesn't refresh it. Each time it changes I have to go into the pfSense Phase 1 and save it; then in the logs I saw that it rewrites the config with the new IP, with 1 output.

    vpn_ipsec.php: The command '/usr/local/sbin/racoonctl -s /var/db/racoon/racoon.sock reload-config' returned exit code '1', the output was ''

    It says that the previous IP and the new IP are the same, but I don't believe it.
    I don't know exactly what's happening, but this tunnel stops working, and with 1.2.3 it never went down.

    Has anyone experienced something like this?

    Hi, I have a similar problem:

    I have a pfSense 2.0-BETA4 with 1 WAN with a dynamic IP (PPPoE) and Dynamic DNS, and an IPSEC site-to-site VPN with a Linksys router with a static IP.

    PFSENSE (WAN1)(dynamic IP/DNS) <----------TUNNEL---------> (Static IP)(WAN1)LINKSYS RV082

    The DynDNS updates work fine, but when I reboot the pfSense the WAN1 dynamic IP changes. The Dynamic DNS updates are OK, but the other end, the Linksys, reports that pfSense is declaring the OLD dynamic IP as its IP.

    This is a log line from the Linksys:

    We require peer to have ID '189.XXX.133.2', but peer declares '189.XXX.201.225'

    189.XXX.133.2 is the new IP
    189.XXX.201.225 is the OLD IP

    I need to re-save the phase 1 to get connected.

    Is this a bug or only a config mistake?

    Thanks in advance.

    Ricardo

