OPNsense Forum

English Forums => General Discussion => Topic started by: max1m0 on March 26, 2019, 10:16:26 am

Title: VPN IPsec issues
Post by: max1m0 on March 26, 2019, 10:16:26 am

Hello All good people,

I have issues with VPN IPsec. After successfully established a VPN tunnel, everything works without any issues then after a certain time, my terminal (ssh) just freezes on a remotely connected computer. I tried to ping the remote server and there is no reply then after some times it just continues to work. VPN logs do not show anything. I can see from logs that we are still connected. Other side admin told me that he can see also that we are connected.

Here is information about my OPNsense device:

OPNsense 19.1.4-amd64
FreeBSD 11.2-RELEASE-p9-HBSD
OpenSSL 1.0.2r 26 Feb 2019

Another side is the Checkpoint Firewall which I do not have any information.

LOGS:
Mar 26 10:15:01   charon: 12[NET] <con2|369> sending packet: from 192.168.100.10[500] to 202.158.42.10[500] (60 bytes)
Mar 26 10:15:01   charon: 12[ENC] <con2|369> generating QUICK_MODE request 3685036918 [ HASH ]
Mar 26 10:15:01   charon: 12[IKE] <con2|369> CHILD_SA con2{205} established with SPIs c80b9bff_i de8be4d3_o and TS 10.1.0.0/16 === 192.168.21.0/28
Mar 26 10:15:01   charon: 12[CFG] <con2|369> selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Mar 26 10:15:01   charon: 12[ENC] <con2|369> parsed QUICK_MODE response 3685036918 [ HASH SA No ID ID ]
Mar 26 10:15:01   charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (164 bytes)
Mar 26 10:15:01   charon: 12[IKE] <con2|369> received retransmit of response with ID 0, but next request already sent
Mar 26 10:15:01   charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (68 bytes)
Mar 26 10:15:01   charon: 12[IKE] <con2|369> received retransmit of response with ID 0, but next request already sent
Mar 26 10:15:01   charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (68 bytes)

Title: Re: VPN IPsec issues
Post by: ian.bugeja on August 20, 2022, 09:28:44 am

Any pointers what you did to establish connection to the checkpoint VPN please? I can't seem to arrive at that stage.

Connection succeeds but no data is received so it drops seconds later.