Author Topic: pfsense 2.4.3 ipsec.conf is not updated  (Read 140 times)

Offline bpostaci

pfsense 2.4.3 ipsec.conf is not updated
« on: April 29, 2018, 01:16:55 pm »
I have two pfSense boxes (same version) on which I am trying to configure IPsec, and I recently noticed that on one of them, even though I see the configuration in the UI,
the ipsec.conf file is not getting updated.

- Tried reboot, stop/restart of the IPsec service, and re-creating the IPsec configuration; nothing happens. I have only seen that the configuration below is not changing.


# This file is automatically generated. Do not edit
config setup
   uniqueids = yes

conn bypasslan
   leftsubnet = 192.168.2.0/24
   rightsubnet = 192.168.2.0/24
   authby = never
   type = passthrough
   auto = route



Do you have any idea?

Offline Derelict

Re: pfsense 2.4.3 ipsec.conf is not updated
« Reply #1 on: April 29, 2018, 03:20:57 pm »
You'll have to provide more details. What have you done? What is the IPsec configuration that is not contained in that file? You probably want to post screenshots of what you have done.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESS™

Offline bpostaci

Re: pfsense 2.4.3 ipsec.conf is not updated
« Reply #2 on: April 30, 2018, 12:59:00 am »
Information:

Box 1
Interfaces
WAN    -> Currently is down.   
WAN2  -> Up and running (Default Gateway) Public IP: 33.33.33.33 (fake, for security reasons)
WLAN1 -> WPA-ENT -> EAP -TLS Radius  using external wifi access point. (192.168.25.0/24)
WLAN2 -> WPA-PSK
LAN     ->  Up and running.

No issues with internet connection.

Box 2
WAN -> Up and running  Public IP: 44.44.44.44 (fake, for security reasons)
LAN ->  10.10.35.0/24


The issue happens on box 1.
- No issues with firewall access on ports 500 and 4500 between the boxes.

You can see in the attached pictures that I already configured IPsec. (Previously it was working.)
But interestingly, the configuration is not visible in /var/etc/ipsec/ipsec.conf.
On the second box I can see that all the configuration (for the 2nd box) is present in the ipsec.conf file and updated correctly.



I have compared the file permissions with ls -l; they are the same on both boxes:
-rw-r--r--   1 root  wheel  207 Apr 29 15:18 ipsec.conf

Even if I make a change in the UI, deleting and recreating the IPsec configuration, it doesn't update the ipsec.conf file on box 1.

« Last Edit: April 30, 2018, 01:20:27 am by bpostaci »

Offline Derelict

Re: pfsense 2.4.3 ipsec.conf is not updated
« Reply #3 on: April 30, 2018, 01:47:31 am »
You have the IPsec on WAN but you say it is currently down. Is WAN disabled?

Offline bpostaci

Re: pfsense 2.4.3 ipsec.conf is not updated
« Reply #4 on: April 30, 2018, 03:01:02 am »
Maybe this is interesting.
/vpn_ipsec.php: IPsec ERROR: Could not find phase 1 source for connection . Omitting from configuration file.

Offline bpostaci

Re: pfsense 2.4.3 ipsec.conf is not updated
« Reply #5 on: April 30, 2018, 03:02:55 am »
Of course you are right, it is totally my mistake :) It should be on WAN2 ..... thanks a billion.
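
A check for the symptom in this thread, added here as an example (not code from any poster or from pfSense): it lists the tunnel conn sections in the generated ipsec.conf and counts the "Could not find phase 1 source" messages in a log. The log is assumed to be available as a plain-text file; the function names and the sample log line are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. All sample data below is constructed.
# Names of "conn" sections other than the automatic bypasslan passthrough.
tunnel_conns() {
    awk '$1 == "conn" && $2 != "bypasslan" { print $2 }' "$1"
}

# Number of log lines reporting a phase 1 dropped from the generated file.
omitted_phase1() {
    grep -c 'Could not find phase 1 source for connection' "$1" || true
}

# $1 = generated ipsec.conf, $2 = plain-text log export (assumed format).
diagnose() {
    conns=$(tunnel_conns "$1" | wc -l | tr -d ' ')
    omitted=$(omitted_phase1 "$2")
    if [ "$omitted" -gt 0 ] && [ "$conns" -eq 0 ]; then
        echo "OMITTED: no tunnels written, $omitted phase 1 omission(s) logged"
    elif [ "$omitted" -gt 0 ]; then
        echo "PARTIAL: $conns tunnel(s) written, $omitted omission(s) logged"
    elif [ "$conns" -eq 0 ]; then
        echo "EMPTY: no tunnels written and no omission logged"
    else
        echo "OK: $conns tunnel(s) written"
    fi
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

# Constructed copy of the file posted for box 1.
cat > "$tmp/ipsec.conf" <<'EOF'
# This file is automatically generated. Do not edit
config setup
   uniqueids = yes

conn bypasslan
   leftsubnet = 192.168.2.0/24
   rightsubnet = 192.168.2.0/24
   authby = never
   type = passthrough
   auto = route
EOF
# Constructed log line; only the message text comes from the thread.
cat > "$tmp/system.log" <<'EOF'
Apr 30 03:00:12 box1 php-fpm[1234]: /vpn_ipsec.php: IPsec ERROR: Could not find phase 1 source for connection . Omitting from configuration file.
EOF
diagnose "$tmp/ipsec.conf" "$tmp/system.log"
```

An OMITTED result matches the case in this thread: the GUI holds a phase 1, but it is bound to an interface with no usable source address, so the generated file contains only bypasslan.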