4. 2 IPsec via two WAN connections, one is stable, the other does not rekey sometim

2 IPsec via two WAN connections, one is stable, the other does not rekey sometim

  • S

    Hi,

    i have craeted two IPsec/GRE connections between two PFsense 2.2.3.
    the main connections has the official IP on the CARP Interface to the other officical CARP IP on the other side.
    Authentication is done via PSK. This connection with IPsec transport mode is stable.

    the second connections get's connected with a separate PPPoe router in front and connects  to the same pfsense above, where this is also setup behind nat. In the testsetup the IPs are fixed, but when going production i could change from time to time on one side.
    Authentication is done with X509 certificates over this connection and the tunnel is working with IPsec tunnel mode (cause i want the Phase2 going between the two inofficial IPs.

    The problem with this tunnel is, sometimes there is no rekeying and on status/ipsec there is now P2 setup. P1 is there, but the tunnel itself is missing.

    How can i overcome this stability problem?
    Thomas

    0
  • C

    What do the IPsec logs show?

    0
  • S

    Hi cmb,

    thanks i have to restart the system and then wait for the error.

    thank you
    Thomas

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy