General Discussion / VPN IPsec issues
« on: March 26, 2019, 10:16:26 am »
Hello All good people,
I have issues with VPN IPsec. After successfully establishing a VPN tunnel, everything works without any issues; then, after a certain time, my terminal (ssh) just freezes on a remotely connected computer. I tried to ping the remote server and there is no reply; then after some time it just continues to work. VPN logs do not show anything. I can see from the logs that we are still connected. The other side's admin told me that he can also see that we are connected.
Here is information about my OPNsense device:
OPNsense 19.1.4-amd64
FreeBSD 11.2-RELEASE-p9-HBSD
OpenSSL 1.0.2r 26 Feb 2019
The other side is a Checkpoint Firewall, about which I do not have any information.
LOGS:
Mar 26 10:15:01 charon: 12[NET] <con2|369> sending packet: from 192.168.100.10[500] to 202.158.42.10[500] (60 bytes)
Mar 26 10:15:01 charon: 12[ENC] <con2|369> generating QUICK_MODE request 3685036918 [ HASH ]
Mar 26 10:15:01 charon: 12[IKE] <con2|369> CHILD_SA con2{205} established with SPIs c80b9bff_i de8be4d3_o and TS 10.1.0.0/16 === 192.168.21.0/28
Mar 26 10:15:01 charon: 12[CFG] <con2|369> selected proposal: ESP:3DES_CBC/HMAC_SHA1_96/NO_EXT_SEQ
Mar 26 10:15:01 charon: 12[ENC] <con2|369> parsed QUICK_MODE response 3685036918 [ HASH SA No ID ID ]
Mar 26 10:15:01 charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (164 bytes)
Mar 26 10:15:01 charon: 12[IKE] <con2|369> received retransmit of response with ID 0, but next request already sent
Mar 26 10:15:01 charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (68 bytes)
Mar 26 10:15:01 charon: 12[IKE] <con2|369> received retransmit of response with ID 0, but next request already sent
Mar 26 10:15:01 charon: 12[NET] <con2|369> received packet: from 202.158.42.10[500] to 192.168.100.10[500] (68 bytes)