1.  If I enable the rule for IPSEC the firewall reboots every 5 minutes.
2.  IPSEC passthrough quit.

Let me know what I can due to give you all any information.  I will even let you in the firewall remotely so that you can pull logs or any information.

RC

Can you post a screenshot of that error?

Since no one posted this screenshot and the problem still exists in recent builds here we go:


but the tunnel is up...., strange

ssbaksa:  Can you post a screenshot of that error?

No luck there. Only one thing but that is GUI, tabs on IPSec log page change to BIG font and only on that tab - table is unafected.

Last 500 IPSEC log entries
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy does not already exist: "192.168.100.0/24[0] 192.168.2.0/24[0] proto=any dir=out"
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: ERROR: such policy does not already exist: "192.168.2.0/24[0] 192.168.100.0/24[0] proto=any dir=in"
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: INFO: IPsec-SA established: ESP/Tunnel 217.x.y.z[0]->62.a.b.c[0] spi=223941049(0xd5911b9)
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: INFO: IPsec-SA established: ESP/Tunnel 62.a.b.c[0]->217.x.y.z[0] spi=234153441(0xdf4e5e1)
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: INFO: no policy found, try to generate the policy : 192.168.2.0/24[0] 192.168.100.0/24[0] proto=any dir=in
Sep 24 15:35:11 racoon: [Unknown Gateway/Dynamic]: INFO: respond new phase 2 negotiation: 217.x.y.z[0]<=>62.a.b.c[0]
Sep 24 15:35:10 racoon: [Unknown Gateway/Dynamic]: INFO: ISAKMP-SA established 217.x.y.z[500]-62.a.b.c[500] spi:8bb2affd47f2274b:42ee99b4ee3f2066
Sep 24 15:35:10 racoon: INFO: received Vendor ID: DPD
Sep 24 15:35:10 racoon: INFO: begin Aggressive mode.
Sep 24 15:35:10 racoon: [Unknown Gateway/Dynamic]: INFO: respond new phase 1 negotiation: 217.x.y.z[500]<=>62.a.b.c[500]
Sep 24 15:24:03 racoon: INFO: unsupported PF_KEY message REGISTER
Sep 24 15:24:03 racoon: INFO: fe80::…%fxp0[500] used as isakmp port (fd=24)
Sep 24 15:24:03 racoon: [Self]: INFO: 10.0.1.1[500] used as isakmp port (fd=23)
Sep 24 15:24:03 racoon: INFO: fe80::…%xl0[500] used as isakmp port (fd=22)
Sep 24 15:24:03 racoon: [Self]: INFO: 192.168.100.99[500] used as isakmp port (fd=21)
Sep 24 15:24:03 racoon: INFO: fe80::…%fxp1[500] used as isakmp port (fd=20)

Actually, it worked before - had just used it and saw the same message as SSBAKSA on the newly created IPsec tab: Overview.
Since the tunnel doesn't come up there is no entry to show any more.
It was right underneath the 'Overview' tab on top of the following table header.

ssbaksa:  Can you post a screenshot of that error?

try the newest snapshot
http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/updates/pfSense-Full-And-Embedded-Update-1.2-RC2.tgz
and test it again

It is working now. Now there is only one error on Overview page: Warning: Invalid argument supplied for foreach() in /usr/local/www/diag_ipsec.php on line 103 but SAD and SPD view are OK.

http://snapshots.pfsense.com/FreeBSD6/RELENG_1_2/updates/pfSense-Full-And-Embedded-Update-1.2-RC2.tgz

and test it again

I am using the build that was create on Aug 20.  I enable the IPSEC rules and as soon as I did that, the firewall started every 10 to 15 mintutes.  I disabled the rules and the server has been been up and running for over a hour.

Mine is not restarting but when client connects there is no sign of connection in SAD and SPD and no traffic is going trough (Firewall is set to allow all). RC1 works OK. I have tried this on 3 different computers - same result.

any thoughs?
RC