Bug #4818
closed
IPSec makes worse in some cases - since 2.2.3 Update
0%
Description
Since updateing pfsense from V2.1.5 to V2.2.3, I´ve some issues with the IPsec VPN.
I´ve configured about 20 IPsec vpn connections to customers.
Four of them use Lancom routers for IPsec connections.
Exactly those four are not operational after updateing.
Connection parameters haven´t changed.
I tried to connect with 3DES encryption instead of AES but won´t work too.
Error I often see is "invalid ID_V1 payload length, decryption failed?".
Annexed an extract from the pfsense log.
I set IKE SA, IKE Child SA and Configuration backend in Diag mode at the IPsec Debug page.
Many Thanks!
Files
Updated by Chris Buechler over 9 years ago
- Status changed from New to Feedback
this likely overlaps with the changes made as part of fixing #4811, which some have confirmed fixed things for them that regressed from 2.2.2 to 2.2.3. Please try the latest 2.2.4 snapshot from https://snapshots.pfsense.org and report back.
Updated by Marvin Kamm over 9 years ago
- File IPsec_log1.csv IPsec_log1.csv added
Thanks for your quick response Chris!
I tried the last "nighty build" -> pfSense-Full-Update-2.2.4-DEVELOPMENT-amd64-20150706-2039.tgz.
Unfortunately my problem is not solved.
Still same behavior, vpn to lancom routers are not available, all other are OK.
Do you need further configs or logs?
Updated by
Updated by Marvin Kamm over 9 years ago
Since upgrading to pfSense-Full-Update-2.2.4-DEVELOPMENT-amd64-20150712-1215
I´m able to use all vpn tunnels again! Even to Lancom routers!
Thanks a lot!
#4818 can be closed!