Note: pfSense 2.2 + Ipsec psk Xauth + Radius; Must restart service

IPsec
Log in to reply
  • A

    I spent all morning fighting this.

    When using mobile IPSEC VPN, when you switch your "User Authentication" from the local database to point to your Radius server, you have to STOP, then manually START the VPN service or else authentications fail immediately.

    I've been able to repeat this behavior by switching between "local database" and "radius server".

    What an annoying thing to hunt down, I was looking in all the wrong places and out of frustration I rebooted the whole server, then it started working…. which is what lead me to stopping then restarting the IPsec service.

    Sorry if this is already known, I'm just venting...

    I've tested this on a clean install of 2.2, and a 2.5.1 -> 2.2 upgraded server. Both exhibit the same behavior.

    0
  • S

    OMFG I spent all day pissing around with different things until I read your post, THANK YOU THANK YOU THANK YOU.

    Now pfSense: it's been 18 months since this was noted, maybe it would be a good idea to automatically restart the VPN service when a change like this is made?

    0
  • Derelict
    LAYER 8 Netgate

    When you are making a change to a server with dozens of tunnels in production, stopping and restarting IPsec because of a change made to one tunnel can be a real downer.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy