Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Piling on SPI entries

    Scheduled Pinned Locked Moved IPsec
    5 Posts 3 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      hidalgo
      last edited by

      I’m running a pfSense 2.2.2 with 2 vpn tunnels (to Fritzbox and to Draytek). On the status it shows many child SA entries (see attachment). Traffic works flawlessly but is that normal behavior? If not, what’s wrong and how to correct this?

      ![Bildschirmfoto 2015-05-03 um 11.52.22.png](/public/imported_attachments/1/Bildschirmfoto 2015-05-03 um 11.52.22.png)
      ![Bildschirmfoto 2015-05-03 um 11.52.22.png_thumb](/public/imported_attachments/1/Bildschirmfoto 2015-05-03 um 11.52.22.png_thumb)

      1 Reply Last reply Reply Quote 0
      • D Offline
        doktornotor Banned
        last edited by

        Yeah, you are about zillionth person reporting this. Please, search. Other than that, get latest 2.2.3 snapshot.

        http://snapshots.pfsense.org/FreeBSD_releng/10.1/amd64/pfSense_RELENG_2_2/updates/
        http://snapshots.pfsense.org/FreeBSD_releng/10.1/i386/pfSense_RELENG_2_2/updates/

        1 Reply Last reply Reply Quote 0
        • H Offline
          hidalgo
          last edited by

          After I updated I still have this on one of my vpn tunnel. Do I have to change the configuration of my vpn to the Fritzbox?

          1 Reply Last reply Reply Quote 0
          • D Offline
            doktornotor Banned
            last edited by

            No idea. Strongswan == heap of beep

            1 Reply Last reply Reply Quote 0
            • C Offline
              cmb
              last edited by

              It's an artifact of rekeyed connections in some circumstance we haven't narrowed down yet. It doesn't appear to cause any problems though, and is safe to ignore.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.