Topic: Disabling IPsec phase 2 results in complete loss of communication

czlars

I am very new to pfSense, so perhaps this is my fault - but I do not see any reason for such behavior.

New 2.4.2-RELEASE box running on VMware ESXi with a fairly simple setup - one WAN, one LAN interface with NAT and a few port forwarding rules.

I need to set up LAN-LAN IPsec with a Mikrotik on the other side. No success yet - the tunnel is not working, no communication goes through, and it still needs to be properly configured on the other side. No problem here.

Yesterday I was working on the IPsec configuration and disabled the Phase 2 config. The result was an immediate loss of connectivity to / from the box, NAT down, port forwarding down, Webconfigurator down on both interfaces. Since I do not know much about pfSense and how to troubleshoot from the command line, I restored the configuration from the console and tried again. Three times the same result, then I gave up since this is a production box and I need it working during the daytime.

Any ideas what can be wrong here? Again, the IPsec tunnel is not working, so disabling the Phase 2 setup could not cut off any communication as there was not any.