PFsense 2.2 to Sonicwall Pro 2040 IPSEC



  • Hi all,

    I think I've exhausted all variables with my tunnel configs. I've never had a problem getting pfsense to connect an IPSEC tunnel to a Sonicwall, even if the tunnels needed a little tweaking. With 2.2 both the Sonicwall and pfsense show the tunnels as up. I'm able to get one solitary ICMP packet across the VPN before any further traffic times out. If I take the tunnel down and back up again, I can then get exactly one ICMP packet across and then timeouts. Is anyone aware of any specific 'tunables' required or other settings which might affect this?

    The Sonicwall Pro is running SonicOS Standard 3.1. Sure, it's old but I haven't had this problem with PFsense 2.1.5 or older. Any ideas on where to go with this?

    Thanks,

    Matt



  • Better to use 2.1.5. 2.2 has IPsec problems; phase 2 with multiple subnets doesn't work. Not sure if this is your problem, but the safe bet is to stay on 2.1.5… I myself wish I had never upgraded, but pfsense has been solid for many years and I went through the upgrade thinking no problems, and unfortunately for me, with over a dozen IPsec tunnels, it was a mistake on my part.



  • I was considering that but really don't want to go back. In addition, it's a Hyper-V VM, which 2.2 works well on. I remember on a previous build of pfsense I had to use "prefer older SAs". Somewhat stumped at this point as the logs just don't show any pertinent errors. Tunnels marked as up. Weird.

