OPNsense Forum
English Forums => General Discussion => Topic started by: MikeA on November 18, 2015, 04:46:07 pm
-
I have a site to site vpn tunnel up and running just fine with one phase 2 tunnel. I'm trying to add another Phase 2 tunnel, but for whatever reason, I can't get the 2 tunnels to work at the same time. If I disable Tunnel #1 and reconnect Tunnel #2 works. If I re-enable Tunnel #1 and disable Tunnel #2 it works. When both Tunnels are enable, only Tunnel #1 will work.
Both tunnels are on separate subnets.
Any help would on what I can do next would be greatly appreciated.
Thank you.
-
Can you send as anonymized the logs?
-
Where would I find the logs to send?
-
Both tunnels are on separate subnets.
Are both sides the same hard/software running?
Many IPSec setups have problems with more than 1 phase-2 tunnels, but work fine with seperate tunnels, i.e. 1 tunnel (with phase 1+2) for each subnet.
e.g.:
Site 1 with LAN 1 --- tunnel --- Site 2 with LAN 2
Site 1 with LAN 1 --- tunnel --- Site 2 with LAN 3
Site 1 with LAN 1 --- tunnel --- Site 2 with LAN 4 behind static route on LAN 2
Site 1 with LAN 1 --- tunnel --- Site 2 with LAN 5 behind static route on LAN 3
-
Actually not sure what the other side is running, but I can find out. This worked on both my Sonicwall and pfSense with no problems.
The tunnel shows that it's up and connected, just no traffic.
-
I'll gladly supply the logs if you point me in the direction of acquiring them.
-
I have a site to site vpn tunnel up and running just fine with one phase 2 tunnel. I'm trying to add another Phase 2 tunnel, but for whatever reason, I can't get the 2 tunnels to work at the same time.
This is a known issue which will be fixed with release 15.7.21 in a few days, see https://forum.opnsense.org/index.php?topic=1774.msg5552 (https://forum.opnsense.org/index.php?topic=1774.msg5552) for further details.
Regards
- Frank