Netgate Discussion Forum

    IPSec was working with 1.2.3, with 2.0 RC-1 stopped working

    • salmonbaytech

      So I have an IPSec VPN between two locations. My end was pfSense 1.2.3 (two routers in failover mode, in VMware ESXi); the other end was 2 Linksys RV042 routers (both with the same firmware).

      This was working great. Then my primary router just stopped working (had been working great for over a year).

      So the secondary router had taken over as my primary and I decided to do a fresh install of 2.0 RC1 on my primary router. I set it up and everything was working great. I set up both IPsec VPNs, but only one works! Exact same configs, just one VPN does not connect. If I turn off the new router and use the 1.2.3 backup, it works great.

      Here are the logs.

      racoon: []: INFO: IPsec-SA request for IPRemoved queued due to no phase1 found.
      Mar 17 09:30:57 racoon: [Remax Redmon]: INFO: initiate new phase 1 negotiation: IPRemoved[500]<=>IPRemoved[500]
      Mar 17 09:30:57 racoon: INFO: begin Identity Protection mode.
      Mar 17 09:30:57 racoon: ERROR: sendto (Operation not permitted)
      Mar 17 09:30:57 racoon: ERROR: sendfromto failed
      Mar 17 09:30:57 racoon: ERROR: phase1 negotiation failed due to send error. f1c8be04f0777fdc:0000000000000000
      Mar 17 09:30:57 racoon: ERROR: failed to begin ipsec sa negotication.

      I must be missing something simple, but I promise I have quadruple-checked both configs. They are all set up 100% the same.

      Thoughts?

      • netmethods

        Did you create the allow rule in the firewall rules for ipsec?

        2x Nexcom 1088n8 in HA config
        2.4 GHz Quad Core / 4GB DDR2 / SATAII 160GB / 4x1GB Intel module

        • Transeau

          I'm having this same issue with IPsec. OpenVPN is working fine.

          
          Aug 10 13:29:22	racoon: [Ward & Associates Accounting]: INFO: IPsec-SA request for 71.116.225.117 queued due to no phase1 found.
          Aug 10 13:29:22	racoon: [Ward & Associates Accounting]: INFO: initiate new phase 1 negotiation: 66.215.196.162[500]<=>71.116.225.117[500]
          Aug 10 13:29:22	racoon: INFO: begin Aggressive mode.
          Aug 10 13:29:22	racoon: ERROR: sendto (Operation not permitted)
          Aug 10 13:29:22	racoon: ERROR: sendfromto failed
          Aug 10 13:29:22	racoon: ERROR: phase1 negotiation failed due to send error. 01955ce1bf4b41b5:0000000000000000
          Aug 10 13:29:22	racoon: ERROR: failed to begin ipsec sa negotication.
          
          • kalu

            If that had happened to me,
            I would have tried with "main mode".

            i love pfsense because i love open source.

            • afinkinfotech

              This is very similar to my problem; our situation and logs look almost identical.

              http://forum.pfsense.org/index.php/topic,40285.0.html
