Hello,

I inherited three pfsense setups at three locations of the same company.
pfSense itself is working perfectly well, only the ipsec is causing the
troubles.

Description:

office1 - two modern PCs, 20/20mbit link, carp setup
office2 - two older PCs, 60/20 link, carp setup
servers - two modern 1U machines, gigabit backbone, carp setup
for comparison, my home really old pc on 2mbit link

All these four locations are attached to different ISPs.

Office1 needs ipsec tunnel to servers and to subnet in office2. I have
tunnels from home to servers and to office1.

All ipsec tunnels are set up in the same way: aggressive negotiation, AES
encryption, preshared key, sha1 hash, dh key group 5, lifetime >=6h. Yet
all behave differently:

office1 to office2: works most of the time, unless when it doesn't - it
goes blank for minutes at a time and then comes back.

office1 to servers: works, but typing 'dmesg' or something else with lots
of output freezes the ssh session over it. It never freezes if left idle.
Sshing to the same machine over public ip does not exhibit this problem.

home to servers: no problems whatsoever.
home to office1: doesn't work at all.

Before I dive into ipsec docs and logs, I'd like to ask if there is
anything I should check between ISPs to see if they're somehow interfering
with our tunnels. I find it confusing that different tunnels, set up in the
same way, behave differently.


-- 

Jure Pečar
http://jure.pecar.org/
