IPSec/L2TP on 2.2.3 broken?



  • I'm running a few pfsense as vpn/fw using 2.2.2 version. After upgrading for this morning to 2.2.3 my IPSec/L2TP my vpn is broken. Does anyone experiencing the same?  There is no information on l2tp starting on the logs. Something is different.

    Some logs:

    Jun 25 15:07:35 charon: 02[IKE] <con1|3>deleting IKE_SA con1[3] between 162.XXX.XXX.184[162.XXX.XXX.184]…191.XXX.XXX.97[191.XXX.XXX.97]
    Jun 25 15:07:35 charon: 02[IKE] <con1|3>deleting IKE_SA con1[3] between 162.XXX.XXX.184[162.XXX.XXX.184]…191.XXX.XXX.97[191.XXX.XXX.97]
    Jun 25 15:07:35 charon: 02[IKE] <con1|3>received DELETE for IKE_SA con1[3]
    Jun 25 15:07:35 charon: 02[IKE] <con1|3>received DELETE for IKE_SA con1[3]
    Jun 25 15:07:35 charon: 02[ENC] <con1|3>parsed INFORMATIONAL_V1 request 285074821 [ HASH D ]
    Jun 25 15:07:35 charon: 02[NET] <con1|3>received packet: from 191.XXX.XXX.97[500] to 162.XXX.XXX.184[500] (92 bytes)
    Jun 25 15:07:35 charon: 11[IKE] <con1|3>closing CHILD_SA con1{3} with SPIs c0a86ce2_i (0 bytes) 0ea40bf5_o (0 bytes) and TS 162.XXX.XXX.184/32|/0[udp/l2f] === 191.XXX.XXX.97/32|/0[udp/51531]
    Jun 25 15:07:35 charon: 11[IKE] <con1|3>closing CHILD_SA con1{3} with SPIs c0a86ce2_i (0 bytes) 0ea40bf5_o (0 bytes) and TS 162.XXX.XXX.184/32|/0[udp/l2f] === 191.XXX.XXX.97/32|/0[udp/51531]
    Jun 25 15:07:35 charon: 11[IKE] <con1|3>received DELETE for ESP CHILD_SA with SPI 0ea40bf5
    Jun 25 15:07:35 charon: 11[IKE] <con1|3>received DELETE for ESP CHILD_SA with SPI 0ea40bf5
    Jun 25 15:07:35 charon: 11[ENC] <con1|3>parsed INFORMATIONAL_V1 request 1492790087 [ HASH D ]
    Jun 25 15:07:35 charon: 11[NET] <con1|3>received packet: from 191.XXX.XXX.97[500] to 162.XXX.XXX.184[500] (76 bytes)
    Jun 25 15:07:25 charon: 11[ENC] <con1|3>parsed INFORMATIONAL_V1 request 3460051619 [ HASH N(DPD_ACK) ]
    Jun 25 15:07:25 charon: 11[NET] <con1|3>received packet: from 191.XXX.XXX.97[500] to 162.XXX.XXX.184[500] (92 bytes)
    Jun 25 15:07:25 charon: 11[NET] <con1|3>sending packet: from 162.XXX.XXX.184[500] to 191.XXX.XXX.97[500] (92 bytes)
    Jun 25 15:07:25 charon: 11[ENC] <con1|3>generating INFORMATIONAL_V1 request 1605134724 [ HASH N(DPD) ]
    Jun 25 15:07:25 charon: 11[IKE] <con1|3>sending DPD request
    Jun 25 15:07:25 charon: 11[IKE] <con1|3>sending DPD request
    Jun 25 15:07:15 charon: 09[IKE] <con1|3>CHILD_SA con1{3} established with SPIs c0a86ce2_i 0ea40bf5_o and TS 162.XXX.XXX.184/32|/0[udp/l2f] === 191.XXX.XXX.97/32|/0[udp/51531]
    Jun 25 15:07:15 charon: 09[IKE] <con1|3>CHILD_SA con1{3} established with SPIs c0a86ce2_i 0ea40bf5_o and TS 162.XXX.XXX.184/32|/0[udp/l2f] === 191.XXX.XXX.97/32|/0[udp/51531]</con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3></con1|3>



  • Hi!

    SNAP!

    I just posted a few seconds after you - I'm having the same issue!

    -=david=-



  • Same issue




Log in to reply