I have been using Astaro since version 3 and never had a problem with IPSec VPNs.
I have now got 6.202/6.203 boxes with IPSec with static IP to Static IP and static IP to dynamic IP which previously had functioning VPNs that would also route IP. I have updated a couple of these boxes to 6.203 and the VPNs are ALL still working according to the logs but NO IP ROUTING. I intend going back to 6.200 and restoring a config from one of the weekly backups I perform. If the VPNs all come back up and route properly I am going to wag my finger. If the ASL moderators want to have a look at a couple of these boxes they are welcome to.
The VPNs are all green in the GUI and the VPN logs indicate every thing is fine. It is not because I am blocking ICMP or any of that stuff. I also have a 6.203 running static IP to static IP with a 5.212 box and the VPN is up and routing is functioning. I also have a 6.105 box routing to a 6.202 box no problems. Just all the 6.202 and 6.203 combinations that make for a bad situation. Is this or this causing problems? ID3482 Default ICMP Flood Protection settings may cause issues or ID3642 Problem when using IPsec VPN on bridge interfaces. I am not using IPSec VPN on bridged interface though. Buggered if I know what is wrong but about the only thing that has changed has been the updates to 6.203.
This thread was automatically locked due to age.
