Why prefer old SA ? Tunnel between Pfsense RC3 doesn't work properly!
-
I have a Ipsec tunnel between two Pfsense 2.0 RC3 (one is a PC, one is a Alix board).
When the Alix board restart, the tunnel comes up but the PC will prefer old SA and the traffic will not go trough the tunnel… If I disable the option "prefer old SA" on the PC everything is working well, even after reboot the Alix board.
Is it a normal behavior or is it a bug ? ???
Thanks ;D
-
Hi,
thats why i never enable this option. I got same problems with tunnels to multiple vendors. After Ike lifetime expired tunnels dont reconnect.
I dont know why its checked by default. I would advice not to check this option.
cya