IPsec tunnel stops working after upgrade to beta 2



  • Greetings,

    I'm upgrading my 2 pfSense connected with an IPsec tunnel from almost the last beta 1 snapshot to the last beta 2 snapshot (1.2-BETA-2-TESTING-SNAPSHOT-07-05-2007 built on Sun Jul 8 07:18:11 EDT 2007), and my IPsec tunnel between these two pfSense stopped working.

    Is there something new that I must change in the IPsec settings after the upgrade to beta 2?

    Thanks for your help.

    (Log from one pfsense)
    Jul 8 18:41:03 racoon: INFO: PUBLIC_IP[500] used as isakmp port (fd=21)
    Jul 8 18:41:03 racoon: INFO: fe80::250:4ff:fe51:f8fe%xl0[500] used as isakmp port (fd=20)
    Jul 8 18:41:03 racoon: INFO: 192.168.11.254[500] used as isakmp port (fd=19)
    Jul 8 18:41:03 racoon: INFO: fe80::250:4ff:fe53:e253%xl1[500] used as isakmp port (fd=18)
    Jul 8 18:41:03 racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=17)
    Jul 8 18:41:03 racoon: INFO: ::1[500] used as isakmp port (fd=16)
    Jul 8 18:41:03 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=15)
    Jul 8 18:41:03 racoon: INFO: fe80::250:4ff:fe51:f8fe%tun0[500] used as isakmp port (fd=14)
    Jul 8 18:41:03 racoon: INFO: 192.168.100.1[500] used as isakmp port (fd=13)
    Jul 8 18:41:03 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
    Jul 8 18:41:03 racoon: INFO: @(#)ipsec-tools 0.6.7 (http://ipsec-tools.sourceforge.net)



  • You need a default rule on your new IPsec interface.
    From beta 1.2 and up you can filter IPsec traffic;
    that is the need for the new rule.



  • Scott wrote on the mailing list:

    Try a snapshot later today or run this command and reboot:

    chmod a+rx /usr/local/bin/*.sh



  • It helped, thanks Heiko…

    @heiko:

    Scott wrote on the mailing list:

    Try a snapshot later today or run this command and reboot:

    chmod a+rx /usr/local/bin/*.sh

