Bug? ipsec vpn stopped when vlans configured
-
Hello,
I turned up three vlans on my router and my site to site vpn stopped. Restoring the configuration and rebooting the firewall fixed it.
When it happened a second time, I disabled the new vlan interfaces, with no change. Rebooting again fixed it.
The local racoon logs showed no activity on the ipsec vpn at all. The remote pfsense racoon logs showed "[Remote Side not responding]"
I have the racoon.conf file before and after the last reboot. There are three sections missing from the "before" file:
Listen {…}
remote ipaddr {...}
remote anonymous {...}
It's as if the racoon.conf file got mangled and racoon reloaded when I clicked "save changes".
It makes sense: without the Listen part, racoon won't bind to any ports. If it happens again, I will check the output of sockstat.
Here is the pertinent information:
- local version of pfsense: 2.1, remote version (other end of site to site vpn): 2.0.3
- Wan port is bge0
- vlan ports are only on bge1.
Is this a bug?
racoon.conf.after_reboot_vpnworks.txt
racoon.conf.before_with_stuckvpn.txt
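
The two checks the post describes (are the `listen`, `remote <ipaddr>` and `remote anonymous` sections present, and is racoon bound to a port) can be scripted as below. This is an added example, not part of the original post or of pfSense; the config path is whatever the caller passes, and the sockstat column layout and the 500/4500 port numbers are assumptions stated in the comments.

```shell
#!/bin/sh
# Added example (not from the post): check a racoon.conf for the three
# sections the post found missing, and check sockstat output for a bound racoon.

# missing_sections FILE: print each absent section name, one per line.
missing_sections() {
    # Drop comments so a commented-out section is not counted as present.
    body=$(sed 's/#.*//' "$1")
    printf '%s\n' "$body" |
        grep -Eiq '^[[:space:]]*listen[[:space:]]*(\{|$)' || echo "listen"
    # A "remote" block whose peer is anything other than "anonymous".
    printf '%s\n' "$body" |
        grep -Ei '^[[:space:]]*remote[[:space:]]+[^[:space:]{]+' |
        grep -Eivq '^[[:space:]]*remote[[:space:]]+anonymous([[:space:]]|\{|$)' ||
        echo "remote <ipaddr>"
    printf '%s\n' "$body" |
        grep -Eiq '^[[:space:]]*remote[[:space:]]+anonymous([[:space:]]|\{|$)' ||
        echo "remote anonymous"
}

# racoon_listening: read `sockstat -4 -l` style output on stdin; succeed only
# if a racoon process holds a UDP socket on port 500 (IKE) or 4500 (NAT-T).
# Assumed columns: USER COMMAND PID FD PROTO LOCAL FOREIGN.
racoon_listening() {
    awk '$2 == "racoon" && $5 ~ /^udp/ && $6 ~ /:(500|4500)$/ { found = 1 }
         END { exit !found }'
}

# Usage: sh check_racoon.sh /path/to/racoon.conf   (path is the caller's choice)
if [ "$#" -gt 0 ]; then
    missing=$(missing_sections "$1")
    if [ -n "$missing" ]; then
        printf '%s\n' "$missing" | sed 's/^/missing section: /'
    fi
    if command -v sockstat >/dev/null 2>&1; then
        sockstat -4 -l | racoon_listening || echo "racoon has no UDP 500/4500 socket"
    fi
fi
```

Run against a saved copy of the file taken right after "save changes", this shows whether the sections were dropped before racoon reloaded.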