Netgate Discussion Forum

    S2S IPSEC ignores remote side traffic and times out.

      steven.peters

      Running pfSense 2.0.1.
      I have a site-to-site IPsec tunnel set up with a customer, and one of the phase two tunnels only receives traffic from their side; we don't originate any traffic on our side.  Part of that traffic is a 2x/minute heartbeat connection, but after some amount of time the tunnel quits responding and goes idle.  No amount of traffic from their side will re-establish the tunnel, but if I send one ping from my side the tunnel immediately starts transmitting again.

      This looks like a bug to me; a tunnel is not idle just because there is no traffic originated on the local side.

      Anyone else seen this?  Is there a workaround other than setting up a cron job to ping from one of the tunnel endpoints?  I'd rather not have to do that for all my tunnels since there are quite a few.

      Thanks,
      Steve

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.