Pfsense 2.02 Ipsec VPN goes down randomly

  • I have tried enabling and disabling  "Prefer older IPsec SAs ", tried disabling NAT-T  but still no luck.

    This my ipsec vpn configuration.

    Phase 1
    Authentication method : Mutual PSK
    Negotiation mode : Aggressive
    Policy Generation :Default
    Proposal Checking : Obey
    Encryption algorithm : 3DES
    Hash algorithm : SHA1
    DH key group : 5
    Life time :28800
    NAT T    : Disabled
    DPD  : enabled(60 secs and 5 retries)

    Phase 2
    Protocol :ESP
    Encryption algorithms: 3DES
    Hash algorithms: SHA1
    PFS key group : 2
    Life time : 1800

    racoon: [–-------]: INFO: initiate new phase 1 negotiation: x.x.x.x[500]<=>x.x.x.x1500]
    racoon: [–-------]: INFO: IPsec-SA request for x.x.x.x1 queued due to no phase1 found.
    racoon: ERROR: failed to begin ipsec sa negotication.
    racoon: ERROR: phase1 negotiation failed due to send error. b52634c42b55942e:0000000000000000
    racoon: INFO: begin Aggressive mode.

  • Normally 'queued due to no phase1 found' and 'phase1 negotiation failed' means that Phase1 settings aren't matching between the two endpoints.  What device is the remote endpoint?

  • "racoon: ERROR: phase1 negotiation failed due to send error" is what happens when you have a misconfigured PPTP server and a client disconnects. PPTP server should never use an assigned IP of any sort, especially WAN, as its server IP.

Log in to reply