Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    2 IPsec via two WAN connections, one is stable, the other does not rekey sometim

    IPsec
    2
    3
    469
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stegbth last edited by

      Hi,

      i have craeted two IPsec/GRE connections between two PFsense 2.2.3.
      the main connections has the official IP on the CARP Interface to the other officical CARP IP on the other side.
      Authentication is done via PSK. This connection with IPsec transport mode is stable.

      the second connections get's connected with a separate PPPoe router in front and connects  to the same pfsense above, where this is also setup behind nat. In the testsetup the IPs are fixed, but when going production i could change from time to time on one side.
      Authentication is done with X509 certificates over this connection and the tunnel is working with IPsec tunnel mode (cause i want the Phase2 going between the two inofficial IPs.

      The problem with this tunnel is, sometimes there is no rekeying and on status/ipsec there is now P2 setup. P1 is there, but the tunnel itself is missing.

      How can i overcome this stability problem?
      Thomas

      1 Reply Last reply Reply Quote 0
      • C
        cmb last edited by

        What do the IPsec logs show?

        1 Reply Last reply Reply Quote 0
        • S
          stegbth last edited by

          Hi cmb,

          thanks i have to restart the system and then wait for the error.

          thank you
          Thomas

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy