Hello
I am trying to fix up an IPSEC tunnel that fails to pass traffic. My
end is pfSense 2.2.4. I tried disabling it but as the following shows:
[shell prompt]/var/etc/ipsec: grep "con31000" ipsec.conf
(no output)
[shell prompt]/var/etc/ipsec: ipsec status | grep "con31000"
con31000[10223]: ESTABLISHED 28 minutes ago,
78.33.156.249[78.33.156.249]...93.191.32.78[93.191.32.78]
con31000{2152}: INSTALLED, TUNNEL, reqid 2, ESP SPIs: c92c0333_i
0cfa2756_o
con31000{2152}: 192.168.100.0/24|/0 === 172.20.50.0/24|/0
It is still there in some sense. I disabled it by clicking on the green
arrow head next to the Phase 1 definition and then applied changes. The
config has vanished from ipsec.conf but ipsec status shows the
connection as still alive. I can manually drop the connection and re
establish it but traffic still fails to pass through it.
I have no control over the other end and am now trying out disabling it
for P2 timeout (1 hour) to see if that "fixes" it. I get this every
time after my end crashes after running out of swap but that's another
issue.
Is there anything else I can do to get this tunnel to reconnect after a
crash?
Cheers
Jon
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
