Infrequent VPN issues on OPNsense VMs (VMware)

clownschiff · January 23, 2025, 02:03:55 PM

Hi all,

we have strange issues with some OPNsense VMs that run on VMware. The firewalls have a bunch of VPN site-to-site tunnels (IPsec and OpenVPN) which are mostly used for RDP sessions.
Every few days up to two weeks, all RDP sessions drop an can not be established again on all tunnels. If we ping inside the tunnel we have a high package loss (>50%) and the round trip times are all over the place. If we restart the tunnels, the problems persist. If we restart the whole firewall, the problems are gone.

We use the vmxnet3 adapters in VMware and the os-vmware plugin, if that matters.

If someone has or had similiar issues, I would be grateful for any help or hints! :)

trixter · January 24, 2025, 10:50:54 AM

did you install the vmware-tools on the Opnsense?

What interfacetype is used (e1000)?

clownschiff · January 27, 2025, 12:15:48 PM

Yes, I installed os-vmware on OPNsense. The interface type is vmxnet3.

clownschiff · February 28, 2025, 12:37:23 PM

Even though vmxnet3 is fully supported by OPNsense, the problem was solved by switching to Intel E1000E interfaces. There are no more VPN problems and even the bandwidth is slighly higher.

Infrequent VPN issues on OPNsense VMs (VMware)

clownschiff

January 23, 2025, 02:03:55 PM

trixter

January 24, 2025, 10:50:54 AM #1

clownschiff

January 27, 2025, 12:15:48 PM #2

clownschiff

February 28, 2025, 12:37:23 PM #3