4. Note: pfSense 2.2 + Ipsec psk Xauth + Radius; Must restart service

Note: pfSense 2.2 + Ipsec psk Xauth + Radius; Must restart service

  • A

    I spent all morning fighting this.

    When using mobile IPSEC VPN, when you switch your "User Authentication" from the local database to point to your Radius server, you have to STOP, then manually START the VPN service or else authentications fail immediately.

    I've been able to repeat this behavior by switching between "local database" and "radius server".

    What an annoying thing to hunt down, I was looking in all the wrong places and out of frustration I rebooted the whole server, then it started working…. which is what lead me to stopping then restarting the IPsec service.

    Sorry if this is already known, I'm just venting...

    I've tested this on a clean install of 2.2, and a 2.5.1 -> 2.2 upgraded server. Both exhibit the same behavior.

    0
  • S

    OMFG I spent all day pissing around with different things until I read your post, THANK YOU THANK YOU THANK YOU.

    Now pfSense: it's been 18 months since this was noted, maybe it would be a good idea to automatically restart the VPN service when a change like this is made?

    0
  • LAYER 8 Netgate

    When you are making a change to a server with dozens of tunnels in production, stopping and restarting IPsec because of a change made to one tunnel can be a real downer.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy