Page 1 of 2 12 LastLast
Results 1 to 10 of 19
  1. #1
    Untanglit
    Join Date
    Jul 2012
    Posts
    19

    Default IPSec VPN unstable since 13.1 upgrade

    Ever since my system upgraded to 13.1, my IPSec tunnel has become unstable. In 6 days I've had to shut off and restart the tunnel 5 times. Any advice on what to look for? I don't know if this is a bug in the new update or a problem with the upgrade itself.

  2. #2
    Master Untangler
    Join Date
    Mar 2009
    Posts
    126

    Default

    One of my customers has NGFW v13.1 with ~ 60 iPads users with permanent IKEv2 IPSec VPN configuration pushed out to them with JAMF Pro. From the end user perspective this is all working fine although we can see that many of the iPads are dropping off the VPN connection and reconnecting every minute or two while some hold their connection for an hour or more at a time...

  3. #3
    KB2
    KB2 is offline
    Untangler
    Join Date
    Jul 2013
    Location
    Colchester, Essex, UK
    Posts
    37

    Default

    came to the forums to investigate exact same issue that i am having on my U150
    ipsec vpn is to another untangle device a u10, both using v13.1.0
    but in my case only seems to happen after a few days. it will be fine then i come in to find various replication errors from my SQL and then find that vpn has closed itself again. logs are not particularly helpful to me, other than i can see they will stop logging anything at the same time it shuts down.
    a restart of the vpn resolves, but is pretty frustrating these keeps having to be done.

    we did have this on a previous version of untangle, but then stopped with a subsequent update.. but has now returned!

    kb

  4. #4
    Newbie
    Join Date
    Mar 2014
    Posts
    2

    Default

    For three locations - two remote offices to the main - I'm having daily disconnects on only one of the VPNs. Since we host our VOIP system at the main site, the disconnect means phones and data are down when this happens.

  5. #5
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    580

    Default

    Are you guys using IKEv1 or IKEv2? I had this problem with some IKEv1 tunnels. Recently I have switched to IKEv2 and it has improved quite a bit.

  6. #6
    Newbie
    Join Date
    Aug 2014
    Posts
    9

    Default

    My first question would be what is bringing the tunnels down?

    In a perfect world the tunnel would continue to renegotiate until it cannot or is forced down.

    Without any additional details I would say that you are losing Internet connectivity which is forcing the tunnels down. In that case I would recommend trying to set the tunnel "Connect Mode" for "On Demand" instead of "Always Connected". The "On Demand" setting is recommended in environments where Internet stability is an issue.

  7. #7
    Master Untangler
    Join Date
    May 2010
    Location
    Texas, USA
    Posts
    519

    Default

    For the record my ipsec VPN disconnects a lot more frequently since going to 13.1 as well. No idea the reason, just reporting the results.

    Sent from my Pixel 2 using Tapatalk

  8. #8
    Untanglit
    Join Date
    Mar 2013
    Posts
    16

    Default

    Having the same issues suddenly since the remote site updated to 13.1.1 today. Frustrating when I am trying to adopt APs and there are VoIP phones going down constantly.

    Is there a fix coming?
    Last edited by kballard; 01-29-2018 at 09:18 PM.

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    6,480

    Default

    13.2 is rolling out. Email the UID to support if you want the upgrade immediately.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Master Untangler dmor's Avatar
    Join Date
    Jun 2009
    Posts
    580

    Default

    Quote Originally Posted by kballard View Post
    Having the same issues suddenly since the remote site updated to 13.1.1 today. Frustrating when I am trying to adopt APs and there are VoIP phones going down constantly.

    Is there a fix coming?
    If you haven’t already, try changing the tunnel config from always connected, to on demand. I know this sounds trivial, but trust me on this one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2