Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
IPSEC Tunnel not working anymore
« previous
next »
Print
Pages: [
1
]
2
Author
Topic: IPSEC Tunnel not working anymore (Read 11655 times)
Beleggrodion
Newbie
Posts: 14
Karma: 1
IPSEC Tunnel not working anymore
«
on:
March 13, 2019, 11:08:28 am »
We had the problem, that since our firewall updated to 19.1.4 our ipsec tunnel's don't work anymore as expected. We see on the GUI that all tunnels are up and on both sites we see status up on both phase. But we don't see any traffic through the tunnel. I can ping from my host on site A to the firewall or the server of site B and i don't see any traffic on Site B, i only see with tcpdump my ping request on the Firewall of site A but nothing more. We also rebooted the firewall but no effect.
Edit:
Site B ist still on version 19.1.2 and when i ping from Site B to Site A i see in tcpdump on interface enc0 ping ping request on site A and Site B. When i do a ping from Site A, i don't see this ping on enc0. Only on the LAN interface and then it goes to nowhere.
«
Last Edit: March 13, 2019, 11:26:10 am by Beleggrodion
»
Logged
airdatec
Newbie
Posts: 20
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #1 on:
March 13, 2019, 12:56:51 pm »
same same since 19.1.4
Logged
franco
Administrator
Hero Member
Posts: 17747
Karma: 1620
Re: IPSEC Tunnel not working anymore
«
Reply #2 on:
March 13, 2019, 01:32:24 pm »
Try reverting
https://github.com/opnsense/core/commit/8490bc70ab
# opnsense-patch 8490bc70ab
Cheers,
Franco
Logged
ccesario
Jr. Member
Posts: 83
Karma: 1
Re: IPSEC Tunnel not working anymore
«
Reply #3 on:
March 13, 2019, 04:11:36 pm »
Im getting the same problem 19.1.3 and 19.1.4 versions... I needed go back to 19.1.2 ... because my env it was in production mode and I did not have time to investigate.
Regards
Carlos
Logged
ivoruetsche
Newbie
Posts: 31
Karma: 5
Re: IPSEC Tunnel not working anymore
«
Reply #4 on:
March 13, 2019, 04:13:25 pm »
Yes, same on our side, we go back to 19.1.2 and have to request a maintenance window to try the patch.
ivo
«
Last Edit: March 13, 2019, 09:12:43 pm by ivoruetsche
»
Logged
airdatec
Newbie
Posts: 20
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #5 on:
March 13, 2019, 04:56:49 pm »
how did you go back to 19.1.2 ? with Reinstall or ist ther a option to go back without new installation ?
Logged
ivoruetsche
Newbie
Posts: 31
Karma: 5
Re: IPSEC Tunnel not working anymore
«
Reply #6 on:
March 13, 2019, 05:02:59 pm »
In the console:
opnsense-revert -r 19.1.2 opnsense
Logged
franco
Administrator
Hero Member
Posts: 17747
Karma: 1620
Re: IPSEC Tunnel not working anymore
«
Reply #7 on:
March 13, 2019, 05:11:03 pm »
Please try the patch revert instead of going back to older versions -- otherwise we'll not have enough data to work on.
Cheers,
Franco
Logged
ivoruetsche
Newbie
Posts: 31
Karma: 5
Re: IPSEC Tunnel not working anymore
«
Reply #8 on:
March 13, 2019, 07:54:06 pm »
Salü Franco
It looks fine after applying the patch:
- Update 19.1.2 --> 19.1.4
- Manual Reboot
- Applying patch
- Manual Reboot
Besten Dank und schönen Abend.
gruss ivo
Logged
franco
Administrator
Hero Member
Posts: 17747
Karma: 1620
Re: IPSEC Tunnel not working anymore
«
Reply #9 on:
March 14, 2019, 08:15:09 am »
Hoi Ivo,
Thanks for confirming. Is there an OPNsense < 19.1.4 or pfSense on the other end?
Cheers,
Franco
Logged
ivoruetsche
Newbie
Posts: 31
Karma: 5
Re: IPSEC Tunnel not working anymore
«
Reply #10 on:
March 14, 2019, 08:49:42 am »
Salü Franco
For sure we only use opnSense :-)
Without the patch in the main office, we had different versions in place; between 19.1.2 and 19.1.4 and we can't connect to any side.
Maybe this is interesting: We patch only the FW on the main office (19.1.4 + patch) and it runs fine with the unpatched 19.1.4 boxes and 19.1.2 to .3 from the branch offices.
gruss ivo
Logged
schnipp
Sr. Member
Posts: 379
Karma: 19
Re: IPSEC Tunnel not working anymore
«
Reply #11 on:
March 14, 2019, 09:55:17 pm »
I have updated from 19.1.2 to 19.1.4 and my IPSec connections (1 x site2site, 2 x mobile) still work fine without installing the patch. Is the latter only needed in case of using VTI?
Logged
OPNsense 24.7.9_1-amd64
airdatec
Newbie
Posts: 20
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #12 on:
March 16, 2019, 12:29:11 pm »
Patch works fine
Logged
karaman
Newbie
Posts: 33
Karma: 0
Re: IPSEC Tunnel not working anymore
«
Reply #13 on:
March 18, 2019, 09:40:09 am »
Same problem. Patch works fine.
Logged
franco
Administrator
Hero Member
Posts: 17747
Karma: 1620
Re: IPSEC Tunnel not working anymore
«
Reply #14 on:
March 18, 2019, 04:37:47 pm »
Since the patch is just a feature removal the question now is: everyone who needs to revert the feature, what is your special setup quirk here? Need details please....
Cheers,
Franco
Logged
Print
Pages: [
1
]
2
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
IPSEC Tunnel not working anymore