[SOLVED] losing connection in ipsec phase 2
-
Hi all,
we are currently having big problems losing phase 2 connections on some of our ipsec tunnels.
Our systems: pfsense 2.2.6 on SG-2240, SG-4680 1U, C2758 1U
Several times a day the tunnels are going down, phase 1 is still connected, phase 2 is disconnected. It can be restartet manually or after some it restarts automatically.
In the web configuration (Status -> IPSec) the tunnel is connected, but there are no child SA entries anymore.Configuration on both ends is exactly the same (lifetime, protocols…).
Does anyone having the same problems can give a hint solving this?
Regards!
-
I have similar problem. We have two phase 2 connections defined. Sometimes one of the two (randomly) is lost and not established again.
Restart the VPN tunnel and all is ok.Also we have V 2.2.6 running.
-
our config:
IKEv1
phase 1:
PSK
main
AES 256
SHA256
DH group 5
Lifetime 7800
NAT-T Auto
Enable DPD (10/5)phase 2:
ESP
AES 256
SHA256
Dh group 5
Lifetime 3600
Ping host
-
On friday we switched on IKEv2 - no problems since then
-
On friday we switched on IKEv2 - no problems since then
Hi,
i have the same issue, but how you can change from IKEv1 to IKEv2?
Is that option show at the Phase 1 entry or the Phase 2 entry?
-
You can change this on the Phase 1 page.