so getting on fine with pfsense and learning its way of doing things. Wondering what is the way to see what it bringing up ipSec VPN connections.
Background:
HAve ipsec vpns connecting to a couple other Draytek routers and they will come up when traffic is initiated on the pfsense side. The drayteks have a 300 sec idle timeout.
[site A 100.1/24] — >> ---- [Site B 200.1/24]
So if I ping from workstation from 100.12 to a device on Site B 200.5 ipsec comes up and then sometimes it will drop on its own within roughly the expected timescale. But, sometimes I am seeing the IPsec tunnels up when not expected and want to see which traffic is initiating it.
ntopng is not showing the remote traffic / peers when the ping has been stopped. Is there a way to figure this out without getting wireshark out. Would like to have a handle on it.