Netgate SG-1000 microFirewall

Author Topic: fresh 2.3 with 2.2.6 config - Log spam "unable to find ipsec daemon leases..."  (Read 831 times)

0 Members and 1 Guest are viewing this topic.

Offline 2chemlud

  • Sr. Member
  • ****
  • Posts: 385
  • Karma: +20/-5
    • View Profile
Hi I have a fresh install of 2.3 i368 full with an imported config.xml from 2.2.6, which has two IPsec tunnels configured, but disabled. Doing fine so far (even populating the firewall logs now :-D ), but the log is spammed by permanent

"unable to find ipsec daemon leases file", see below.

Any hint what to do to stop this?

Many thanx in advance!

chemlud
« Last Edit: May 02, 2016, 03:49:47 am by 2chemlud »

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21571
  • Karma: +1471/-26
    • View Profile
The tunnels being disabled is likely the source of that. The daemon isn't running, so the file isn't there, so there is nothing for the widget to fetch so it can report.

Either remove the IPsec widget or enable a tunnel.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline 2chemlud

  • Sr. Member
  • ****
  • Posts: 385
  • Karma: +20/-5
    • View Profile
Hi again! :-)

I enabled a tunnel, but the connection did not come up, although the other side is online, too... Dunno why the tunnel does not connect, was functional in 2.1.x, but disabled since then.

On the 2.2.6 pFsense I have in the log:
charon: 08[IKE] <con2000|1> sending retransmit 5 of request message ID 0, seq 3

Debugging IPsec is no fun....

What is this widget-thing? I didn't install anything!
« Last Edit: May 09, 2016, 02:24:02 pm by 2chemlud »