Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failover not working

    IPsec
    1
    1
    515
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Arancho Doc
      last edited by

      Hi,
      does anybody have a working configuration to have IPSEC working in a multiwan enviroment when a failover occurs?

      I spent a lot of time looking at any possible solution but I found only people with the same problem and not a single working solution.

      I'm currently using DynDNS on both sides, gateway groups as interface and everything is working in normal conditions.
      Unfortunately when a failover occurs, the VPN is not able to go up automatically.
      The only way I found to get it working is to disable and re-enable the Phase 1 of that VPN on both sides.

      Just to be clear, restarting the racoon does not work.

      I'm running PFSEnse 2.1.3 and I'm planning to update to 2.1.5 soon, but I'm not confident this will solve the problem.

      I did dozens of tests without any lucky end.

      In some situation, I'm also able to have the VPN up and running even if the Status of Ipsec shows that the connection is down on both sides…

      I think there is somenthing wrong in the VPN configuration that is not updating when the DNS changes.
      Looking at the log it seems that even if the IP address has changed, the VPN tunnel keeps on using the old address.

      I'm a little bit confused, but if somebody has some idea or wish more information I will be happy to share my experience.

      Many thanks.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post