Ver 2.2.1 & Draytek VPN tunnels

  • Hi,

    I have installed 2.2.1 and uploaded a 2.1.5 configuration.

    Anyone else out there finding that the tunnels can be established, they will work and then drop when connecting to any Draytek?

    I am using MAIN Mode AES256 SHA1 with DH1 for Phase 1 and AES256 SHA1 for Phase 2. I have disabled PFS.

    The pfSense VPNs are all set to responder only.

    These settings are working very well with a 2.1.5 firewall from a different location and worked for me on my old 2.1.5.

    Any thoughts or suggestions would be gratefully received.


  • You have to reset the responder only mode on pfSense 2.2.1.

  • ermal, how do you 'reset the responder only mode' - I cannot see anywhere in the gui?

    I have changed one of the VPNs to initiator if that is what you meant - it has made no difference.

  • FWIW, I've spent many hours trying to get a reliable VPN between pfSense 2.2.1 and a Draytek with IPsec. Draytek to Draytek works fine but the pfSense VPN drops out and/or fires up multiple Phase 2s, after which traffic doesn't flow :(

    I've tried setting the Draytek as outgoing only/incoming and both, and tried telling pfSense to only be a responder. No difference.

    I'd love to know what the trick is.