On Wed, Jul 17, 2013 at 9:16 AM, Peter Milazzo < peter.mila...@somersetcapital.com> wrote:
> there. So there is already an IPsec tunnel running (which I disable) > and 2 WAN connections using gateway group for failover. Could there be > some sort of conflict with the IPsec even though I disable it? > I did this last weekend. I discovered that even though I disabled the IPsec tunnel I was replacing with OpenVPN, the IPSEC policy rules were not removed. You can see them with setkey -DP. I ended up just turning IPsec off and back on, and those entries were not added back. I'm sure I could have just removed those entries individually using setkey, but it was quicker for me to just restart it. In short, when you disable an IPsec tunnel, pfSense 2.0 does not remove the associated policy entries that already exist. I do not know if 2.1 has the same behavior. Disabling IPsec entirely removes all policy entries.
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
