>>> > There exists an IPSEC bug in pfSense 2.1 > > When the router's modem is restarted, the IPSEC tunnel fails to come back > up. > > This bug is documented in the following places by numerous people: > > https://redmine.pfsense.org/issues/3321 > http://forum.pfsense.org/index.php/topic,69235.0.html > http://forum.pfsense.org/index.php/topic,68776.0.html > http://forum.pfsense.org/index.php/topic,67929.0.html > http://forum.pfsense.org/index.php/topic,67625.0.html > > Regards, > Christian Borchert
Christian I run an awful lot of IPSEC tunnels and I generally don't get the problem you describe in your trouble ticket which is not the same as the fault that is barely described in the first forum posting you link. The rest are TL;DR for me. Please try disabling DPD at both ends and set the address that you ping to any address other than those on the other end's router - that address doesn't even have to exist, it just has to be within the remote subnet but not one that is bound to the router doing the IPSEC. Incidentally your report in Redmine does not describe what the other end actually is - is it another pfSense box or something else? Cheers Jon Registered Address : Blueloop House, Ilchester Road, YEOVIL, BA21 3AA Registered England & Wales - 3981322 CONFIDENTIAL INFORMATION This e-mail and any files attached with it are confidential and for the sole use of the intended recipient(s). If you are not the intended recipient(s) you are prohibited from using, copying or distributing this or any information contained in it and should immediately notify the sender and delete the message from your system. Internet communications are not secure and Blueloop Limited is not responsible for unauthorised use by third parties nor for alteration or corruption in transmission. Furthermore, while Blueloop Limited have taken reasonable precautions to minimise the risk of software viruses, it cannot accept liability for any damage which you may suffer as a result of such viruses, and we therefore recommend you carry out your own virus checks on receipt of any e-mail. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
