IPSec unstable since upgrade to 2.2
-
DPD is already disabled on all my tunnels
-
DPD is already disabled on all my tunnels
The problem here is… that people with broken IPsec yet again recycled a thread for dumping all kinds of different issues here. There's is no generic "IPSec unstable" issue with a single cause.
Unless you are 300% sure you have exactly identical issue with the OP, kindly start your own thread, providing logs and relevant IPsec configuration bits.
-
There's is no generic "IPSec unstable" issue with a single cause.
For sure there IS SOME KIND of issue with IPSec after upgrading from 2.1.5 to 2.2
If have MANY different tunnels with different settings to all kinds of other firewalls (incl. pfSense, Cisco, WatchGuard, etc., etc., etc.). After upgrading 12 of 19 tunnels now have issues.
-
I have already started my own thread, but it's stalling.
Can't hurt to see what others do to find a solution for this -
For sure there IS SOME KIND of issue with IPSec after upgrading from 2.1.5 to 2.2
Please, read again. You won't get any issue fixed by posting generic rants and hijacking other people's threads with problems caused by something different (or caused by something unknown since people actually don't post any relevant info usable for debugging either.)
-
I have posted logs requested here: https://forum.pfsense.org/index.php?topic=87943.0
-
For sure there IS SOME KIND of issue with IPSec after upgrading from 2.1.5 to 2.2
Please, read again. You won't get any issue fixed by posting generic rants and hijacking other people's threads with problems caused by something different (or caused by something unknown since people actually don't post any relevant info usable for debugging either.)
OK - I will start my own thread. But I would like to know how many SINGLE threads needs to be opened until you and other see that THERE IS A GENERAL PROBLEM with IPSec since 2.2 !??!
-
so my 18 ipsec tunnels with multiple phase 2 on 2.1.5 and older have worked for over 5 years, connecting to cisco asa, sonicwalls, fortinets, watchguard and other pfsense firewalls.
after the upgrade i read the requirement to use main and also recommendation to switch to IKEv2, did all that and still problems persisted.
i did delete some tunnels completely and recreated from scratch and manually creating the phase 2, still problems.
decided to use only 1 phase 2 on all tunnels and ipsec is stable now, using main mode with IKEv1 and using IKEv2, but i need that second network back in the tunnels, so this weekend i will revert back to 2.1.5.
-
I have also trouble with IPSec since upgrading from 2.1.5 to 2.2
My problem is that most of the tunnels are going down after the phase 1 lifetime expires. Restart of IPSec service does not help. I have to restart the whole firewall. After reboot all tunnels coming up automatically until again phase 1 lifetime expires…
Have anybody some idea?? THANKS!!
May be the same like IPsec silenty dies?
Regards,
Peter -
It seems that I am experiencing the same issues/symptoms that are described with multiple P2.
There is quite a bit of information on this thread that I have tried already and some that I applied additionally.
The P1 remains up but no traffic are passed.I would like to know what can I do to help, going back to previous version is a easy thing to do, but if there is anything I can help with, please let me know, and I will be glad to do so.
-
Sorry to resurrect this thread… but I'm facing the same problems with an IPSec tunnel between two pfSense 2.2.4.
The problem really started after the upgrade.
-
The issue in this thread was solved several versions ago, you're not having the same issue. Please start a new thread describing what you're seeing.