Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-30 Thread Nicolas Fabris
No very nice solution, but making a script.sh in /usr/local/etc/rc.d with lines:

sleep 40
ipsec stop
sleep 5
ipsec start

All goes OK.

For some reason, traffic FROM LAN to LAN IP of pfSense try to go via IPSEC 
TUNNEL (10.0.0.0/8) first time after rebooting Strange.


Lic. Nicolas A. Fabris
Seguridad Informática
Gcia. De Procesos y Sistemas
O.S.P.R.E.R.A.
OO4312-2500 Int. 3119
nicolas.fab...@osprera.org.ar

-Mensaje original-
De: List [mailto:list-boun...@lists.pfsense.org] En nombre de Marcio Vogel 
Merlone dos Santos
Enviado el: martes, 29 de marzo de 2016 03:12 p.m.
Para: list@lists.pfsense.org
Asunto: Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected 
only first time booting

Em 23-03-2016 11:03, Marcio Vogel Merlone dos Santos escreveu:
> Em 15-03-2016 11:14, Nicolas Fabris escreveu:
>> I have an strange issue.
>>
>> Details:
>> LAN IP pfSense: 10.133.30.1
>>
>> TUNNEL IPSEC: Phase 2
>> Local Network LAN Subnet
>> Remote Network 10.0.0.0/8
>>
>> Advanced setting Enable bypasslan for LAN checked.
>>
>> When IPSEC tunnel is on, I lost ping from LAN to LAN IP 
>> (10.133.30.1), something like traffic going to 10.x.x.x. is tryning 
>> to go by IPSEC TUNNEL I think, and not working OK the 
>> bypass for LAN option.
>> If I restart ipsec services, have no more problems, but have to do 
>> this manually every time after reboot.
> Bizarre, as is my situation.
>
> I have a remote site connected by a ipsec tunnel to my main office, 
> both using pfSense 2.2.6. Whenever the tunnel disconects for whatever 
> reason, after some seconds all local stations on remote site are also 
> disconnected (Windows reports network cable unpluged, "X" mark on 
> network icon near the clock!) for some seconds and then reconnects 
> happily as if nothing happened.
>
> Just observed that yesterday after many user complains and am starting 
> to scratch my head now.
>
> This looks very similar to your problem, I don't have a solution yet.

For the record and my shame, I have an IP Phone between that specific station 
and the network. When VPN goes down the phone looses connection with the office 
and then... reboots, causing the disconnection of the station.

Check if your case has any similarity.

Best regards and good luck.

--
*Marcio Merlone*
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-29 Thread Marcio Vogel Merlone dos Santos

Em 23-03-2016 11:03, Marcio Vogel Merlone dos Santos escreveu:

Em 15-03-2016 11:14, Nicolas Fabris escreveu:

I have an strange issue.

Details:
LAN IP pfSense: 10.133.30.1

TUNNEL IPSEC: Phase 2
Local Network LAN Subnet
Remote Network 10.0.0.0/8

Advanced setting Enable bypasslan for LAN checked.

When IPSEC tunnel is on, I lost ping from LAN to LAN IP 
(10.133.30.1), something like traffic going to 10.x.x.x. is tryning 
to go by IPSEC TUNNEL I think, and not working OK the 
bypass for LAN option.
If I restart ipsec services, have no more problems, but have to do 
this manually every time after reboot.

Bizarre, as is my situation.

I have a remote site connected by a ipsec tunnel to my main office, 
both using pfSense 2.2.6. Whenever the tunnel disconects for whatever 
reason, after some seconds all local stations on remote site are also 
disconnected (Windows reports network cable unpluged, "X" mark on 
network icon near the clock!) for some seconds and then reconnects 
happily as if nothing happened.


Just observed that yesterday after many user complains and am starting 
to scratch my head now.


This looks very similar to your problem, I don't have a solution yet.


For the record and my shame, I have an IP Phone between that specific 
station and the network. When VPN goes down the phone looses connection 
with the office and then... reboots, causing the disconnection of the 
station.


Check if your case has any similarity.

Best regards and good luck.

--
*Marcio Merlone*
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-23 Thread Marcio Vogel Merlone dos Santos

Em 15-03-2016 11:14, Nicolas Fabris escreveu:

I have an strange issue.

Details:
LAN IP pfSense: 10.133.30.1

TUNNEL IPSEC: Phase 2
Local Network LAN Subnet
Remote Network 10.0.0.0/8

Advanced setting Enable bypasslan for LAN checked.

When IPSEC tunnel is on, I lost ping from LAN to LAN IP (10.133.30.1), 
something like traffic going to 10.x.x.x. is tryning to go by IPSEC TUNNEL I 
think, and not working OK the bypass for LAN option.
If I restart ipsec services, have no more problems, but have to do this 
manually every time after reboot.

Bizarre, as is my situation.

I have a remote site connected by a ipsec tunnel to my main office, both 
using pfSense 2.2.6. Whenever the tunnel disconects for whatever reason, 
after some seconds all local stations on remote site are also 
disconnected (Windows reports network cable unpluged, "X" mark on 
network icon near the clock!) for some seconds and then reconnects 
happily as if nothing happened.


Just observed that yesterday after many user complains and am starting 
to scratch my head now.


This looks very similar to your problem, I don't have a solution yet.

Regards.

--
*Marcio Merlone*
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-20 Thread Morten Christensen

Den 15/03/2016 15.14, skrev Nicolas Fabris:

Good morning everyone.

I have an strange issue.

Details:
LAN IP pfSense: 10.133.30.1

TUNNEL IPSEC: Phase 2
Local Network LAN Subnet
Remote Network 10.0.0.0/8



Any idea ?
My bet is, that the "/8" on the remote network routes all traffic to the 
whole 10.x.x.x-block throug the tunnel including the 10.133.30.x LAN.


--
mvh Morten Christensen
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


Re: [pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-19 Thread Alfredo Tapia Sabogal
Probably your cable or nic may have a problem

Regards

Alfredo Tapia Sabogal
El mar 15, 2016 9:15 AM, "Nicolas Fabris" 
escribió:

> Good morning everyone.
>
> I have an strange issue.
>
> Details:
> LAN IP pfSense: 10.133.30.1
>
> TUNNEL IPSEC: Phase 2
> Local Network LAN Subnet
> Remote Network 10.0.0.0/8
>
> Advanced setting Enable bypasslan for LAN checked.
>
> When IPSEC tunnel is on, I lost ping from LAN to LAN IP (10.133.30.1),
> something like traffic going to 10.x.x.x. is tryning to go by IPSEC TUNNEL
> I think, and not working OK the bypass for LAN option.
> If I restart ipsec services, have no more problems, but have to do this
> manually every time after reboot.
>
> Any idea ?
>
> Thanks in advance
>
> Lic. Nicolas A. Fabris
> Seguridad Informática
> Gcia. De Procesos y Sistemas
> O.S.P.R.E.R.A.
> OO4312-2500 Int. 3119
> nicolas.fab...@osprera.org.ar
>
>
>
> ___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] 2.2.6 - Lost LAN conection when IPSEC tunnel is conected only first time booting

2016-03-15 Thread Nicolas Fabris
Good morning everyone.

I have an strange issue.

Details:
LAN IP pfSense: 10.133.30.1

TUNNEL IPSEC: Phase 2 
Local Network LAN Subnet
Remote Network 10.0.0.0/8

Advanced setting Enable bypasslan for LAN checked.

When IPSEC tunnel is on, I lost ping from LAN to LAN IP (10.133.30.1), 
something like traffic going to 10.x.x.x. is tryning to go by IPSEC TUNNEL I 
think, and not working OK the bypass for LAN option.
If I restart ipsec services, have no more problems, but have to do this 
manually every time after reboot.

Any idea ?

Thanks in advance

Lic. Nicolas A. Fabris
Seguridad Informática
Gcia. De Procesos y Sistemas
O.S.P.R.E.R.A.
OO4312-2500 Int. 3119
nicolas.fab...@osprera.org.ar



___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold