Hello, I apologize if this issue was already the subject here. I am using pfSense 1.2.2 and the issue was the same in 1.2.1, ever since upgraded from 1.2. Client VPN (SafeNet) is disconnected after about 2 min. This is very consistent and tested from multiple VPN client computers. Here is the log:
2/1/2009 9:30:16 AM racoon: [Unknown Gateway/Dynamic]: INFO: respond new phase 1 negotiation: 74.219.100.2[500]<=>76.189.241.19[500] 2/1/2009 9:30:16 AM racoon: INFO: begin Aggressive mode. 2/1/2009 9:30:16 AM racoon: INFO: received Vendor ID: DPD 2/1/2009 9:30:16 AM racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt 2/1/2009 9:30:16 AM racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00 2/1/2009 9:30:16 AM racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 2/1/2009 9:30:16 AM racoon: INFO: Adding xauth VID payload. 2/1/2009 9:30:16 AM racoon: WARNING: ignore REPLAY-STATUS notification. 2/1/2009 9:30:16 AM racoon: WARNING: ignore INITIAL-CONTACT notification, because it is only accepted after phase1. 2/1/2009 9:30:16 AM racoon: [Unknown Gateway/Dynamic]: INFO: ISAKMP-SA established 74.219.100.2[500]-76.189.241.19[500] spi:d59e2b06120dcc3a:ed56224e991f23ce 2/1/2009 9:30:17 AM racoon: INFO: respond new phase 2 negotiation: 74.219.100.2[0]<=>76.189.241.19[0] 2/1/2009 9:30:17 AM racoon: [Unknown Gateway/Dynamic]: INFO: no policy found, try to generate the policy : 172.18.20.238/32[0] 192.168.0.0/16[0] proto=any dir=in 2/1/2009 9:30:17 AM racoon: [Unknown Gateway/Dynamic]: INFO: IPsec-SA established: ESP 76.189.241.19[0]->74.219.100.2[0] spi=33213064(0x1faca88) 2/1/2009 9:30:17 AM racoon: INFO: IPsec-SA established: ESP 74.219.100.2[0]->76.189.241.19[0] spi=1306679316(0x4de25814) 2/1/2009 9:30:17 AM racoon: [Unknown Gateway/Dynamic]: ERROR: such policy does not already exist: "172.18.20.238/32[0] 192.168.0.0/16[0] proto=any dir=in" 2/1/2009 9:30:17 AM racoon: [Unknown Gateway/Dynamic]: ERROR: such policy does not already exist: "192.168.0.0/16[0] 172.18.20.238/32[0] proto=any dir=out" 2/1/2009 9:32:41 AM racoon: INFO: DPD: remote (ISAKMP-SA spi=d59e2b06120dcc3a:ed56224e991f23ce) seems to be dead. 2/1/2009 9:32:41 AM racoon: INFO: generated policy, deleting it. 2/1/2009 9:32:42 AM racoon: [Unknown Gateway/Dynamic]: INFO: ISAKMP-SA deleted 74.219.100.2[500]-76.189.241.19[500] spi:d59e2b06120dcc3a:ed56224e991f23ce I would appreciate if somebody can help Alex Randjelovic