Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 39 replies
  • Subscribers 8 subscribers
  • Views 64463 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec VPN keeps down after DSL lines reconnects...

zaphod

i run several ipsec tunnel for years without any problems... all runs fine with 9.355-1


since the update to 9.402-7 all ipsec tunnels are down every morning.


i checked the ipsec-logs and found out that after my dsl-lines reconnect the tunnels will not come up again.

i have to turn them off and on and then all works....


anyone can help?



This thread was automatically locked due to age.
Parents
  • 0

    I also use multipathing. I have a 30 day trial SG135 which is used as my productive system and my old UTM120 which is used as testsystem to try the 9.403, so I can try some configs.

    Ext. Interface - Telekom ADSL, static IP (used for IPsec site2site vpn)

    Ext. Interface1 - 2. Telekom ADSL, static IP

    Ext. Interface2 - m-net ADSL, dynamic IP

    I tried to config it like described in the Sophos knowledgbase ID 118975

    https://www.sophos.com/de-de/support/knowledgebase/118975.aspx

    I have only a 1:1 IPsec connection, but I tried not to use my Ext. Interface but the Uplink Interfaces and added a multipath rule on top: BranchOfficeNetwork --> Any Service --> MyInternal Network --> by connection    --  Balanced to: Uplink Interfaces

    --> It also worked - until I did a "reconnect" on my Ext.Interface

    The only way to bring the tunnel back without a UTM restart is to change the last ribbon in the IPsec section (Fehlersuche) and change one of the debug level checkboxes. This brings back the tunnel after a reconnect.

    My productive system stays on 9.355 since no solution until no ...

Reply
  • 0

    I also use multipathing. I have a 30 day trial SG135 which is used as my productive system and my old UTM120 which is used as testsystem to try the 9.403, so I can try some configs.

    Ext. Interface - Telekom ADSL, static IP (used for IPsec site2site vpn)

    Ext. Interface1 - 2. Telekom ADSL, static IP

    Ext. Interface2 - m-net ADSL, dynamic IP

    I tried to config it like described in the Sophos knowledgbase ID 118975

    https://www.sophos.com/de-de/support/knowledgebase/118975.aspx

    I have only a 1:1 IPsec connection, but I tried not to use my Ext. Interface but the Uplink Interfaces and added a multipath rule on top: BranchOfficeNetwork --> Any Service --> MyInternal Network --> by connection    --  Balanced to: Uplink Interfaces

    --> It also worked - until I did a "reconnect" on my Ext.Interface

    The only way to bring the tunnel back without a UTM restart is to change the last ribbon in the IPsec section (Fehlersuche) and change one of the debug level checkboxes. This brings back the tunnel after a reconnect.

    My productive system stays on 9.355 since no solution until no ...

Children
No Data
Unfiltered HTML