Re: VPN is not working after the update

Centosuser · ‎11-22-2017

Dear All,

We had VMware 5.5 with a virtual pfsense appliance using site to site VPN,

after the update to 6.5 the VPN stops working and can't get it working.

is this something related to the NIC Teaming ?

Can someone please advies why ?

see attached my NIC TEAMING Screenshots.

mprazeres183 · ‎11-23-2017

Hi Centosuser,

I'm not quite sure what you mean by VPN is not working anymore after the HOST has been upgraded from a ESXi 5.5 to a 6.5 version.

What where you using? A VPN connection trough your Firewall, Router from Location A to Location B where only the ESXi Hosts are connected?

Just to be clear, as this is quite speciall.
You have a location A with 1 ESXi Host and a location B with another ESXi Host and they had a VPN so that they where connected together?

Can you please explain the configuration?

Or do you mean to one of the vGuests running on the ESXi Host, and it loost the connection to the VPN?

Best regards,

Marco

Check my blog, and if my answere resolved the issue, please provide a feedback. Marco Frias - VMware is my World www.vmtn.blog

RajeevVCP4 · ‎11-23-2017

are you using NSX ?

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you

cyberpaul · ‎11-23-2017

Hi, has the pfSense VM lost connectivity alltogether? Or is it just the VPN that's not working?

If it is just the VPN, can you establish the tunnel? Is the MTU setting on vSwitch the same as it was before?

Centosuser · ‎11-23-2017

Thank you for your answer,

yes the connection was established before between the two Pfsenses on Location 1 on ESXI 1 and Location 2 ESXI2

the MTU on the Vswitch is 1500 on the ESXi 1 as showen on the picture on the ESXI2 there is a Hardware Pfsense.

see below screenshot of my vswitch and security

cyberpaul · ‎11-24-2017

Hi, so the tunnel is established and no data is going through, is that correct?

Can you confirm the tunnel status in both pfSenses by clicking on Status -> IPsec? You should see "Connected" on both sides.

Centosuser · ‎11-25-2017

Thank you so much guys for your support.

it was a issue with the MTU on the ISP router, we got this set up correctly and stuff start

working