Only one child SA per IPSec connection

Started by edzilla, June 10, 2025, 10:06:27 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 10, 2025, 10:06:27 PM Last Edit: June 10, 2025, 10:08:41 PM by edzilla
If I setup a (new style) IPSec connection with multiple child SAs, only the first one works.
I've worked around that by super-netting but that's not always possible.
Is that a known limit?
Thanks!

This is what my setup looks like:
June 11, 2025, 12:24:15 AM #1
So this issue was completely on my end.
I configured the IPSec VPN on the other end (Oracle OCI) as Static routing rather than Policy and that only allows one child SA.
There's not issue on Opnsense's end.
Print
Go Up Pages1
User actions