Results 1 to 9 of 9
  1. #1
    Newbie
    Join Date
    Jun 2015
    Posts
    5

    Default IPsec LAN2LAN two different networks only 1 active

    Hi all,

    I have (2) IPsec LAN2LAN configured to the same remote host with two different networks.

    10.1.1.0/24
    192.168.10.0/24

    I can only have one active at a time, has anyone seen this before?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,202

    Default

    What version of Untangle are you running?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Jun 2015
    Posts
    5

    Default

    Build: 11.1.0~svn20150430r40162release11.1-1wheezy
    Kernel: 3.2.0-4-untangle-amd64

  4. #4
    Newbie
    Join Date
    Jun 2015
    Posts
    5

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,202

    Default

    That bug was fixed when Untangle switched to StrongSwan in 11.1. I'm currently running a live site with multiple networks on each site connected with IPsec. Also that bug is L2TP not IPsec site to site.

    How are you deetermining only one is active? Are you using hostnames or IP address for the Remote host?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Newbie
    Join Date
    Jun 2015
    Posts
    5

    Default

    I'm using IP address for the remote host. The active light is only on for the original tunnel, not for the second tunnel I setup

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,202

    Default

    Are both locations using Untangle 11.1? Sounds like the second tunnel is not configured correctly on one of the Untangles.

    I would open a support ticket as we need to look at the IPsec setting for both sites. Make sure to include both UIDs in the support ticket.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Newbie
    Join Date
    Jun 2015
    Posts
    5

    Default

    I'm connecting to a Cisco ASA 5512. If I disable the first tunnel the second one comes up. I'll open a ticket

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,202

    Default

    Well, multiple IPsec site to sites do work with Untangles on the endpoints. EOL on the Cisco 5500 series was July 16, 2011 so it might not support multiple networks with one IP address endpoint.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2