4. IPSec Tunnel fails –-

IPSec Tunnel fails –-

  • P

    Good Morning,

    I have a pfSense 2.0.1 with two IPSec tunnels.

    Tunnel one is to a pfSense 1.2.3 while Tunnel 2 is a pfSense 2.0.1 box.

    Tunnel one stays up and seems to be fine.  Tunnel 2 keeps dropping Putty sessions on what appear to be Large Packet errors. I changed the WAN MTU on the Tunnel 2 end from default (1500) to 1486 but it failed again just now. Putty error: "Software Error Connection Aborted"

    Any ideas ?

    TIA ==

    0
  • Rebel Alliance Developer Netgate

    On pfSense 1.2.3, the "MTU" value on WAN actually set MSS Clamping (assuming you didn't disable scrub).

    The equivalent setting on 2.0 would be under System > Advanced, on the Misc tab, check the box for MSS clamping on VPNs and then enter the same value there that you enter on the 1.2.3 box's WAN MTU.

    Leave the MTU on pfSense 2.0.x as default.

    0
  • P

    So I changed the Remote end of Tunnel 2 (The one that Fails with large packets) and no joy –

    Do I have to change both ends ?  Or is a reboot required on the remote Tunnel 2 end ?

    TIA..

    PS: Tunnel 1 to the older version of pfSense is defaulted so (1500) .

    0
  • Rebel Alliance Developer Netgate

    It should match on both sides.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy