Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Fresh 2.3 with 2.2.6 config - Log spam "unable to find ipsec daemon leases…"

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    3 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 2 Offline
      2chemlud Banned
      last edited by

      Hi I have a fresh install of 2.3 i368 full with an imported config.xml from 2.2.6, which has two IPsec tunnels configured, but disabled. Doing fine so far (even populating the firewall logs now :-D ), but the log is spammed by permanent

      "unable to find ipsec daemon leases file", see below.

      Any hint what to do to stop this?

      Many thanx in advance!

      chemlud
      ![2.3 ipsec log spam.JPG_thumb](/public/imported_attachments/1/2.3 ipsec log spam.JPG_thumb)
      ![2.3 ipsec log spam.JPG](/public/imported_attachments/1/2.3 ipsec log spam.JPG)

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        The tunnels being disabled is likely the source of that. The daemon isn't running, so the file isn't there, so there is nothing for the widget to fetch so it can report.

        Either remove the IPsec widget or enable a tunnel.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • 2 Offline
          2chemlud Banned
          last edited by

          Hi again! :-)

          I enabled a tunnel, but the connection did not come up, although the other side is online, too… Dunno why the tunnel does not connect, was functional in 2.1.x, but disabled since then.

          On the 2.2.6 pFsense I have in the log:
          charon: 08[IKE] <con2000|1>sending retransmit 5 of request message ID 0, seq 3

          Debugging IPsec is no fun….

          What is this widget-thing? I didn't install anything!</con2000|1>

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.