On Mon, Mar 23, 2015 at 9:34 AM, Christopher CUSE <cc...@ccuse.com> wrote: > > On 03/23/2015 03:03 PM, mayak wrote: >> >> On 03/22/2015 12:38 AM, Bryan D. wrote: >>> >>> We've had a pfSense-to-pfSense "always on" IPsec VPN connecting 2 offices >>> since 2008 (pfSense 1.2 IIRC) and it's: >>> - been ultra reliable (if VPN is down, suspect ISP issue or pfSense box >>> failure) >>> - it's been quick to connect (about 1 second, almost unnoticeable) >>> - it's worked across numerous upgrades without issue (nice!) >>> >>> Beginning with pfSense v2, we added multiple P2s at each end (still same >>> reliability, etc.). >>> >>> One of the offices has had its hardware updated and its pfSense updated >>> to 2.2 then 2.2.1 (after testing to see whether we seemed to be affected by >>> the "multiple P2 issue" noted in the upgrade page -- we're OK on that one). >>> This connection has continued to work with the same characteristics as >>> before. The 2.2.1 system is 64-bit and the other end is v2.1.5 32-bit >>> >>> We recently added a second site-to-site IPsec VPN, essentially the same >>> as the existing one except both sides are pfSense v2.2.1 (but other end is >>> 32-bit) and stronger algorithms are being used and P1 is set to v2 >>> (supposedly avoiding any "multiple P2" issues). >> >> <snip> >> >> i have to say that i am also experiencing this. i'm in the process of >> installing smokeping to prove connectivity is good between the public ip >> endpoints between various vpns. >> >> will report back with those results. >> >> thanks >> >> m > > > just got dropped again -- fourth time in last few hours -- something is > definitely wrong. > > upgraded all my pfsenses to 2.2.1 over the weekend. >
Go to System>Advanced, System Tunables, and add a new tunable there. Name net.key.preferred_oldsa, value 0, then save and apply changes. That have any impact on things? _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
