I've got a strange problem... and tried everything to solve it, but can't get it to work 100%.
There are 10 subnets (sites B->K) connected through an IPsec VPN to the subnet of site A and I'm using a m0n0wall (WRAP) installation on all of these sites. Most sites make use of a cable broadband connection and 4 make use of an ADSL connection with an already installed SPEEDTOUCH modem/router (546 and 716). VPN config: aggressive, blowfish, sha1, 2, 28800, esp, blowfish, sha1, 2, 3600
In 9 of the above VPN connections everything works 100%... but for the past 3 weeks I've had a problem with the VPN connection from site J and K to A; J and K with speedtouch 546 in front. The following is listed in the log:
Jul 12 05:18:57 racoon: DEBUG: pfkey UPDATE succeeded: ESP/Tunnel xxx.xxx.xxx.xxx[0]->192.168.1.65[0] spi=144677012(0x89f9894)
Jul 12 05:18:57 racoon: INFO: IPsec-SA established: ESP/Tunnel xxx.xxx.xxx.xxx[0]->192.168.1.65[0] spi=144677012(0x89f9894)
Jul 12 05:18:57 racoon: DEBUG: ===
Jul 12 05:18:57 racoon: DEBUG: get pfkey ADD message
Jul 12 05:18:57 racoon: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.65[0]->xxx.xxx.xxx.xxx[0] spi=91481484(0x573e58c)
Jul 12 05:18:57 racoon: DEBUG: ===
Jul 12 05:30:55 racoon: INFO: phase2 sa expired 192.168.1.65-xxx.xxx.xxx.xxx
Jul 12 05:30:56 racoon: INFO: phase2 sa deleted 192.168.1.65-xxx.xxx.xxx.xxx
Jul 12 05:45:44 racoon: DEBUG: msg 1 not interesting
A ping to the other subnet isn't possible and after VPN->IPsec->"save" in m0n0wall it's possible again to ping to the other subnet.
Looking forward to your answers
------------------------------------------------------------------------------------------------------------------
update
------------------------------------------------------------------------------------------------------------------
The problem is being caused by the speedtouch 546 so I have bought another ADSL modem.
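
Added example (not part of the original post): a small Python check that reads racoon log lines in the format quoted above and reports when a tunnel's last phase 2 SA was deleted with no replacement established, which is the symptom described. The sample log is constructed, 198.51.100.7 stands in for the masked peer address, and the code assumes each "phase2 sa deleted A-B" line retires one outbound SA for A->B.

```python
import re
from datetime import datetime

# Constructed sample in the same format as the racoon lines quoted in the post.
SAMPLE_LOG = """\
Jul 12 04:18:57 racoon: INFO: IPsec-SA established: ESP/Tunnel 198.51.100.7[0]->192.168.1.65[0] spi=11(0xb)
Jul 12 04:18:57 racoon: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.65[0]->198.51.100.7[0] spi=12(0xc)
Jul 12 05:10:00 racoon: INFO: IPsec-SA established: ESP/Tunnel 198.51.100.7[0]->192.168.1.65[0] spi=21(0x15)
Jul 12 05:10:00 racoon: INFO: IPsec-SA established: ESP/Tunnel 192.168.1.65[0]->198.51.100.7[0] spi=22(0x16)
Jul 12 05:18:58 racoon: INFO: phase2 sa deleted 192.168.1.65-198.51.100.7
Jul 12 05:30:55 racoon: INFO: phase2 sa expired 192.168.1.65-198.51.100.7
Jul 12 05:30:56 racoon: INFO: phase2 sa deleted 192.168.1.65-198.51.100.7
Jul 12 05:45:44 racoon: DEBUG: msg 1 not interesting
"""

EST = re.compile(r"IPsec-SA established: ESP/Tunnel (\S+)\[\d+\]->(\S+)\[\d+\]")
DEL = re.compile(r"phase2 sa deleted (\S+)-(\S+)")

def find_outages(log_text, year=2000):
    """Return (tunnel, down_at, restored_at_or_None, seconds) per outage.

    syslog timestamps carry no year, so `year` is an assumed value used
    only to compute time differences."""
    live = {}      # "src-dst" -> number of SAs currently established
    down = {}      # "src-dst" -> time the last live SA was deleted
    outages = []
    last_ts = None
    for line in log_text.splitlines():
        try:
            ts = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
        except ValueError:
            continue                      # not a syslog line
        last_ts = ts
        if m := EST.search(line):
            key = f"{m[1]}-{m[2]}"
            if key in down:               # tunnel came back: close the outage
                t0 = down.pop(key)
                outages.append((key, t0, ts, int((ts - t0).total_seconds())))
            live[key] = live.get(key, 0) + 1
        elif m := DEL.search(line):
            key = f"{m[1]}-{m[2]}"
            if live.get(key, 0) > 0:
                live[key] -= 1
                if live[key] == 0:        # no SA left: traffic will not pass
                    down[key] = ts
    # Tunnels still down at the end of the log: measure up to the last line.
    for key, t0 in down.items():
        outages.append((key, t0, None, int((last_ts - t0).total_seconds())))
    return outages
```

A normal rekey (new SA established before the old one is deleted) is not reported; only a deletion that leaves the tunnel with no SA is.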