Netgate Discussion Forum

    Bug? ipsec vpn stopped when vlans configured

      jason0

      Hello,

      I turned up three vlans on my router and my site to site vpn stopped.  Restoring the configuration and rebooting the firewall fixed it.

      When it happened a second time, I disabled the new vlan interfaces, with no change.  Rebooting again fixed it.

      The local racoon logs showed no activity on the ipsec vpn at all.  The remote pfsense racoon logs showed "[Remote Side not responding]"

      I have the racoon.conf file before and after the last reboot.  There are three sections missing from the "before" file:

      Listen {…}
      remote ipaddr {...}
      remote anonymous {...}

      It's as if the racoon.conf file got mangled and racoon reloaded when I clicked "save changes".

      It makes sense: without the Listen part, racoon won't bind to any ports.  If it happens again, I will check the output of sockstat.

      Here is the pertinent information:

      1. local version of pfsense: 2.1, remote version (other end of site to site vpn): 2.0.3
      2. Wan port is bge0
      3. vlan ports are only on bge1.

      Is this a bug?

      racoon.conf.after_reboot_vpnworks.txt
      racoon.conf.before_with_stuckvpn.txt
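
The comparison described in the post, as an added example that is not part of jason0's post or of pfSense: it lists the top-level blocks of two saved racoon.conf copies and reports which ones the stuck file lacks. The file contents, addresses and path are constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample files (documentation addresses, placeholder path); they
# mirror the post: the "stuck" file lacks listen and both remote blocks.
WORKING = '''\
path pre_shared_key "/path/to/psk.txt";  # placeholder path
listen { isakmp 198.51.100.1 [500]; }
remote 203.0.113.10 {
    exchange_mode main;
    proposal { encryption_algorithm aes; hash_algorithm sha1; }
}
remote anonymous { exchange_mode main; }
sainfo anonymous { encryption_algorithm aes; }
'''
STUCK = '''\
path pre_shared_key "/path/to/psk.txt";
sainfo anonymous { encryption_algorithm aes; }
'''

TOKEN = re.compile(r'#[^\n]*|"[^"\n]*"|[{};]|[^\s{};"#]+')
REQUIRED = ("listen", "remote")  # block types the post found missing

def top_level_sections(text):
    """Headers of top-level `keyword [args] { ... }` blocks, in file order."""
    sections, depth, header = [], 0, []
    for tok in TOKEN.findall(text):
        if tok.startswith("#"):
            continue                      # comment runs to end of line
        if tok == "{":
            if depth == 0:
                sections.append(" ".join(header).lower())
            depth += 1
        elif tok == "}":
            depth = max(depth - 1, 0)     # tolerate a stray closing brace
        elif tok != ";" and depth == 0:
            header.append(tok)
            continue
        header = []                       # {, } and ; all end the statement
    return sections

def missing_sections(stuck, working):
    """Blocks present in the working file but absent from the stuck one."""
    have = set(top_level_sections(stuck))
    return [s for s in top_level_sections(working) if s not in have]

def has_required_blocks(text):
    """False when any REQUIRED block type is absent, as in the stuck file."""
    kinds = {s.split()[0] for s in top_level_sections(text) if s}
    return all(k in kinds for k in REQUIRED)

if __name__ == "__main__":
    print(missing_sections(STUCK, WORKING), has_required_blocks(STUCK))
```

Run against the two attached files instead of the samples, `has_required_blocks` returning False right after a configuration save would flag the mangled file before the tunnel is reported down.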
