Hello,
We are having difficulties getting a stable site-to-site VPN.
The 2 sites have a static public IP; they are, however, connected behind a
NAT (ADSL line).
A few days ago, we started having an issue where all tunnels would randomly
go down and would not recover.
We then decided to give 2.2 a try. Therefore I've modified the VPN to
use IKEv2 (as recommended in the upgrade notes). I've also disabled the
Unity add-on (via GUI, not renamed the file).
But the problem continues. Here is what happens:
It looks like the same phase 2 are negotiated, again and again, without
ending.
The logs are not showing anything obvious to me, just that it creates SA
again and again...
When we disable IPsec on both sites, then re-enable it, the tunnel establishes
fine and connectivity is working.
But then, after a random time (1h, 9h ...), it fails and often starts
creating tons of tunnels like on the screenshot.
Has anyone ever had a similar issue and can recommend something?
The root cause might be that the internet line of one of the sites (or
maybe both) is sometimes getting bad, but we believe pfSense should
be able to recover by itself somehow and not require a manual
intervention each time to stabilize the situation ...
Thanks
tibz