Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec tunnel between OPNSense and pfSense
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSec tunnel between OPNSense and pfSense (Read 2113 times)
granalberto
Newbie
Posts: 1
Karma: 0
IPSec tunnel between OPNSense and pfSense
«
on:
February 10, 2021, 04:43:50 am »
Hi guys. I have a pfSense device (Netgate SG-1100) in one end and OPNSense in the other end. I was able to establish an IPSec tunnel but after one hour the tunnel is broken.
Here you can see the logs of the pfsense end trying to reestablish the connection by itself
https://pastebin.com/9w6wbJCy
and here you can see the logs when I push the button of child reconnect
https://pastebin.com/pLjwP41B
The very first configuration was very basic defaults on both systems. After that, I think I have played with all the configuration fields (those that make sense, of course) and the result is always the same.
I can easily reestablish the tunnel by restarting the IKE tunnel, no matter on which end I do the restart.
Thank you in advance for any clue.
Logged
nzkiwi68
Full Member
Posts: 182
Karma: 20
Re: IPSec tunnel between OPNSense and pfSense
«
Reply #1 on:
September 13, 2021, 12:34:35 am »
Late reply..
That's normally because PFS is on on one end (probably switched on on pfSense) and off at the OPNsense end.
At PFS lifetime of 1 hours (3600 seconds), the tunnel breaks.
To turn PFS on of off on OPNsense, under Phase 2 set the "PFS key group" to off or match the same DH key as pfSsense.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
IPSec tunnel between OPNSense and pfSense