Hello I am trying to fix up an IPSEC tunnel that fails to pass traffic. My end is pfSense 2.2.4. I tried disabling it but as the following shows:
[shell prompt]/var/etc/ipsec: grep "con31000" ipsec.conf (no output) [shell prompt]/var/etc/ipsec: ipsec status | grep "con31000" con31000[10223]: ESTABLISHED 28 minutes ago, 78.33.156.249[78.33.156.249]...93.191.32.78[93.191.32.78] con31000{2152}: INSTALLED, TUNNEL, reqid 2, ESP SPIs: c92c0333_i 0cfa2756_o con31000{2152}: 192.168.100.0/24|/0 === 172.20.50.0/24|/0 It is still there in some sense. I disabled it by clicking on the green arrow head next to the Phase 1 definition and then applied changes. The config has vanished from ipsec.conf but ipsec status shows the connection as still alive. I can manually drop the connection and re establish it but traffic still fails to pass through it. I have no control over the other end and am now trying out disabling it for P2 timeout (1 hour) to see if that "fixes" it. I get this every time after my end crashes after running out of swap but that's another issue. Is there anything else I can do to get this tunnel to reconnect after a crash? Cheers Jon _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold