Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
IPSEC Tunnel not working anymore
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: IPSEC Tunnel not working anymore (Read 11622 times)
jaylow
Newbie
Posts: 4
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #15 on:
March 19, 2019, 09:48:30 am »
Hi all,
we had the same issue here. We have 22 site-2-site IPSec tunnels running, three of them are ike v2.
All remote peers are different kind of firewalls (Cisco ASA, Lancom, Checkpoint) but no OPNsense.
After upgrading to 19.1.4 some tunnels worked fine some didn't. It didn't make any difference if it was ike v1 or v2.
As far as we can say all not working tunnels contain single host configurations in the phase 2 entries. But I am not sure about that matter 'cause we weren't able to test all connections.
After applying the patch (= removal of VTI) everything was fine, thanks for that!
Cheers
Josef
Logged
siegfried
Newbie
Posts: 26
Karma: 3
Re: IPSEC Tunnel not working anymore
«
Reply #16 on:
March 20, 2019, 03:52:07 pm »
Hi all,
same problem here. Since 19.1.4 a tunnel to a Fortigate cluster (2x Fortigate 200E) doesn't work anymore. SAs are created, the counters for incoming traffic are >0, but no outgoing traffic to the Fortigate box.
I'll try the patch later this evening.
Edit: Fortigate Firmware version: 5.6.3
«
Last Edit: March 20, 2019, 04:12:55 pm by siegfried
»
Logged
KittD
Newbie
Posts: 1
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #17 on:
March 20, 2019, 08:35:37 pm »
Updated a bunch of routers last night from 19.1.2 to 19.1.4 and a few of them had VPN issues this morning. Reverted the patch on one of them, rebooted, and no issues right now.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: IPSEC Tunnel not working anymore
«
Reply #18 on:
March 20, 2019, 09:24:27 pm »
Appreciate the info. We removed the explicit reqid setting from non-VTI configurations and that should be it for 19.1.5.
Cheers,
Franco
Logged
siegfried
Newbie
Posts: 26
Karma: 3
Re: IPSEC Tunnel not working anymore
«
Reply #19 on:
March 21, 2019, 07:46:37 am »
Moin!
Patch solved the issue. Thanks!
Logged
emmitt
Newbie
Posts: 40
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #20 on:
March 25, 2019, 06:44:30 pm »
Hi,
is it useful tp wait for 19.1.5?
If not, how can I download and install the patch?
Thanks!
Logged
glasi
Jr. Member
Posts: 98
Karma: 9
Re: IPSEC Tunnel not working anymore
«
Reply #21 on:
March 30, 2019, 05:07:38 pm »
Hi all,
I have the same issue here with a site-2-site IPSec tunnel. OPNsense does not build up the IPsec tunnel.
In my setup I can pin down the problem to the
connection method
in the tunnel settings. OPNsense fails to establish the IPsec tunnel when '
Start immediate
' is selected as connection method.
As soon as I select '
Start on traffic
' as connection method, everything works fine.
Can anybody reproduce this issue with his/her own setup?
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
IPSEC Tunnel not working anymore