Print Page - 23.1.11 update broke IPsec tunnels

Title: 23.1.11 update broke IPsec tunnels
Post by: victor.diuk on July 10, 2023, 11:52:21 AM

Good day, folks!

After updating to version 23.1.11, IPsec (IKEv2) started acting weird. I have configured in Tunnels, in the second phase, access to two internal subnets. Now after the update, only access to one subnet out of two works. And now what i can do?

Now, I'm looking at the connection status in the "Status Information" tab, and there, behind my connection, only one subnet is visible in the second phase!

Title: Re: 23.1.11 update broke IPsec tunnels
Post by: victor.diuk on July 10, 2023, 12:06:10 PM

Update (fixed)

Strange bug after all. What im did:

1) Disabled first local subnet in Phase 2;
2) Pushed to restart IPsec service;
3) Connected to VPN, checked this second network, which was unreachable, now it is reachable;
4) Disconnected;
5) Enabled first network in Phase 2;
6) Pushed to restart IPsec service;
7) Now "Status information" shows me that i have both networks access in Phase 2;
8) My laptop shows me both networks reachable...

Title: Re: 23.1.11 update broke IPsec tunnels
Post by: Patrick M. Hausen on July 10, 2023, 12:06:38 PM

Have you tried to enable or disable tunnel isolation? I mean change your current setting to the other option.

OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: victor.diuk on July 10, 2023, 11:52:21 AM