IPsec IKEv2 tunnel to Azure
-
I have 2 pfSense firewalls with 2.2.1 installed. I'm running an IKEv2 tunnel to Microsoft Azure from both firewalls to the same Azure subscription. I need IKEv2 to be able to run a Dynamic multisite configuration in Azure.
The problem I'm facing is that after a random period of time all traffic stops going through the tunnel even though the tunnel is up in both pfSense and in Azure. If I disconnect and connect in pfSense it starts working again for a random time of 1 hour to a couple of days. I think rekeying is not working properly.
I have tried to change it so the pfSense firewalls are only responders, but when I disconnect a tunnel and connect it again it actually says it is an initiator, which I think is strange.
I have also tried to increase the phase 1 lifetime to a much higher value but it still stops working after a while.
I see on the forum that there are a lot of IPsec-related problems in 2.2 and 2.2.1, and unfortunately I need 2.2 or above in order to run an Azure Multisite configuration with IKEv2.
-
This https://forum.pfsense.org/index.php?topic=91627.0 seems to solve it.