Netgate Discussion Forum
    PFsense 2.2 to Sonicwall Pro 2040 IPSEC

      Matty-CT

      Hi all,

      I think I've exhausted all variables with my tunnel configs. I've never had a problem getting pfsense to connect an IPSEC tunnel to a Sonicwall, even if the tunnels needed a little tweaking. With 2.2 both the Sonicwall and pfsense show the tunnels as up. I'm able to get one solitary ICMP packet across the VPN before any further traffic times out. If I take the tunnel down and back up again, I can then get exactly one ICMP packet across and then timeouts. Is anyone aware of any specific 'tunables' required or other settings which might affect this?

      The Sonicwall Pro is running SonicOS Standard 3.1. Sure, it's old but I haven't had this problem with PFsense 2.1.5 or older. Any ideas on where to go with this?

      Thanks,

      Matt

        mkaishar

        Better to use 2.1.5. 2.2 has IPsec problems; phase 2 with multiple subnets doesn't work. Not sure if this is your problem, but the safe bet is to stay on 2.1.5… I myself wish I never upgraded, but pfSense has been solid for many years and I went through the upgrade thinking no problems, and unfortunately for me, with over a dozen IPsec tunnels, it was a mistake on my part.

          Matty-CT

          I was considering that but really don't want to go back. In addition, it's a Hyper-V VM, which 2.2 works well on. I remember on a previous build of pfsense I had to use "prefer older SAs". Somewhat stumped at this point as the logs just don't show any pertinent errors. Tunnels marked as up. Weird.
