Hello Herbert and Heinz,
On Fri., nov 12, 2010, Harbert, Orangebox Networks wrote:
>Well I have now 2 sites with DynDNS running, 1x pfSense, 1x M0n0wall,
>IPsec for remote access, also a 3rd with NO-IP (pfSense).
>In general it does not give me trouble, only sometimes directly after an
>IP change on my m0n0 side, I can't build up a connection anymore.
>When at that moment I disconnect the WAN PPPOE it connects automaticly
>again and so far 9 out of 10 times builds up the IPsec again.
>1x it didn't and what I did was "save" the IPsec tunnel again and it
>In both situations I was on the m0n0wall side, so far did not have to do
>something on the pfSense sides.
>Did you check if all parameters are on both sides exactly the same?
I have the same problem as Heinz (as do probably many others.) All
the parameters are indeed the same on both of my m0n0wall routers.
One is behind a PPoE and the other has a static IP address, so this
IPSec using DNS RFC 2136 (I think that's the one) should be working.
Probably there's a bug in the racoon version of m0n0wall. I've even
updated to 1.33b1 after reading that something relating to dynamic
IPs and IPSec had been improved (the resolv.conf I think.) Even with
1.33b1 I'm having the same problems.
Has anyone got this feature to work in the meantime?