Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense 2.1.5 -> 2.2.2

    Scheduled Pinned Locked Moved IPsec
    2 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      calvinw.hk
      last edited by

      After the upgrade it's like a mess, the IPSec Server for iOS client works great, while my Sony Tablet Z3 running android 5.0 can't connect to the upgraded pfsense box.

      Luck I have taken the vm snapshot.

      Between, please find the error below, any guys have clues on this? Any setting need to fine tune after the upgrade?

      Error Log:

      May 24 11:37:15 charon: 05[JOB] <con1|5>deleting half open IKE_SA after timeout
      May 24 11:37:12 charon: 05[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:12 charon: 05[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:12 charon: 05[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:12 charon: 05[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:09 charon: 05[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:09 charon: 05[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:09 charon: 05[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:09 charon: 05[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:09 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:09 charon: 11[IKE] <con1|5>sending retransmit 3 of response message ID 0, seq 1
      May 24 11:37:09 charon: 11[IKE] <con1|5>sending retransmit 3 of response message ID 0, seq 1
      May 24 11:37:06 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:06 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:06 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:06 charon: 11[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:03 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:03 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:03 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:03 charon: 11[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:10 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:10 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:10 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:10 charon: 11[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:07 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:07 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:07 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:07 charon: 11[NET] <con1|5>received packet: from 182.239.81.68[1011] to 1.64.169.124[500] (894 bytes)
      May 24 11:37:05 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:05 charon: 11[IKE] <con1|5>sending retransmit 2 of response message ID 0, seq 1
      May 24 11:37:05 charon: 11[IKE] <con1|5>sending retransmit 2 of response message ID 0, seq 1
      May 24 11:37:04 charon: 11[NET] <con1|5>sending packet: from 1.64.169.124[500] to 182.239.81.68[1011] (432 bytes)
      May 24 11:37:04 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response
      May 24 11:37:04 charon: 11[IKE] <con1|5>received retransmit of request with ID 0, retransmitting response</con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5></con1|5>

      1 Reply Last reply Reply Quote 0
      • G
        gerdesj
        last edited by

        Have you read the release notes on changes from 2.1 to 2.2?  Have you read other posts on this forum?  Some config examples might help.

        Anyway, check your phase 1 settings at both ends.  If NAT is involved at either end then that may have worked 2.1 to 2.1 but won't with 2.2, you will have to set the identifiers accordingly.

        There is an IPSEC debugging guide here https://doc.pfsense.org/index.php/IPsec_Troubleshooting .

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.