Project

General

Profile

Actions

Bug #1970

closed

IPsec stops routing after a while

Added by c c over 12 years ago. Updated over 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
10/20/2011
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

Using the same setup as this bug:
http://redmine.pfsense.org/issues/1969

It appears that after a while with no clear trigger, even Shrewsoft VPN client will stop routing traffic after a while. I have noticed that it seems to happen after I have been connected, then left and had my computer hibernate. Upon returning and reconnecting, the VPN will not route any traffic at all until I restart the pfsense box, at which point it starts working again.

It may be the same issue as the other bug above, but I cannot reliably trigger it by simply connecting and disconnecting (whereas with the Cisco client, the first connection breaks things).
EDIT: It looks like a connection interruption triggers this-- I can make it happen by disconnecting and reconnecting the wireless without properly disconnecting from the VPN.

As in the other bug, let me know if access to this test box would be useful-- I have no concerns about giving access to the interface, as it is simply a test box.

Configuration details:
pfSense 2.0 (release), i386
on a Dell Dimension 420

Using Mobile IPsec--
Providing a virtual IP and DNS

Phase 1 settings:
Interface: WAN
Auth Method: Mutual PSK + Xauth
Negotiation: Agressive
My identifier: My IP address
Peer identifier: UDN ()
preshared key: mypks
Policy Generation: on
Proposal checking: obey
Encryption: AES128, with MD5
DH key group 2
Nat Traversal enabled
DPD on, 5 seconds, 5 retries

Phase 2:
Mode: tunnel
Local network: 0.0.0.0/0
Protocol: ESP
Encryption: AES, 3des
Hash: md5
PFS off


Files

broken_ipsec_connection.txt (3.89 KB) broken_ipsec_connection.txt Broken connection, 4 pings, disconnect. c c, 10/20/2011 05:12 PM
working_ipsec_connection.txt (4.07 KB) working_ipsec_connection.txt Working connection, 3-4 pings, disconnect c c, 10/20/2011 05:12 PM
98.175.1.1.vpn (1.04 KB) 98.175.1.1.vpn Shrewsoft vpn profile (IP and PSK hidden) c c, 10/20/2011 05:12 PM
Actions

Also available in: Atom PDF