Benjamin Fromme wrote: > Hi List, > > we have several tunnels between some pfsense 1.2.2 boxes. For phase 2 we > have configured AES256 as the only encryption algorithm and everything works > fine. > > Now we upgrade one of the boxes to pfsense 1.2.3RC1 and all tunnels on > this box are broken. The 1.2.2 boxes show the tunnel as working, on the > 1.2.3RC1 box we see the following in the logs: > [snip] > When we configure the tunnels with 3DES instead of AES every works fine > again?! Any ideas? Thanks!
Can you try a more recent 1.2.3-RC snapshot based on FreeBSD 7.2? ipsec-tools was upgraded to a version from their CVS tree, 0.8-something. It's been working great for me, it fixed a lot of DPD/Peer Loss issues, and seems to work fine. I haven't tried it with AES yet, but it may help in your situation. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org