Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec won't start in latest snapshot.

    2.2 Snapshot Feedback and Problems - RETIRED
    4
    8
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mightykong
      last edited by

      Loaded up latest snapshot in my lab, wanted to test IPsec, and it won't start.  Getting this in system log:

      php-fpm[77668]: /status_services.php: The command '/usr/local/sbin/ipsec start' returned exit code '1', the output was 'Shared object "libstrongswan.so.0" not found, required by "starter"'

      Everytime I try to force start, it immediately goes back to stopped.

      For reference, this is the build I loaded:  pfSense-LiveCD-2.2-BETA-amd64-20140917-1610

      1 Reply Last reply Reply Quote 0
      • rbgargaR
        rbgarga Developer Netgate Administrator
        last edited by

        Please try next snapshots, it should be ok now.

        Renato Botelho

        1 Reply Last reply Reply Quote 0
        • C
          charliem
          last edited by

          Yes, IPsec starts now; I will test it further later today.

          But I also noticed:

          • ipsec pki is missing (was added by Ermal earlier, now it's gone again)

          • The 'apply' button does not function on the ipsec pre-shared keys tab.  One must go to another tab, and then hit the apply button.

          • the miniupnpd service does not start and cannot be restarted.

          • the bandwidthd package is not re-installed; bandwidthd segfaults after installing the package manually:```
            Sep 19 07:53:56 pfsense kernel: pid 47762 (bandwidthd), uid 0: exited on signal 11
            Sep 19 07:33:58 pfsense php: rc.bootup: Finished uninstalling package bandwidthd
            Sep 19 07:33:58 pfsense php: rc.bootup: Reinstalling package bandwidthd
            Sep 19 07:34:08 pfsense php: rc.bootup: XML_RPC_Client: Connection to RPC server                                packages
            .pfsense.org:443 failed. Operation timed out 103
            Sep 19 07:34:08 pfsense php: rc.bootup: XMLRPC communication error: Operation timed out
            Sep 19 07:34:08 pfsense php: rc.bootup: Finished installing package bandwidthd
            Sep 19 07:34:08 pfsense php: rc.bootup: Finished reinstalling all packages.

          Sep 19 07:53:54 pfsense kernel: pid 47354 (bandwidthd), uid 0: exited on signal 11
          Sep 19 07:53:54 pfsense kernel: pid 47497 (bandwidthd), uid 0: exited on signal 11
          Sep 19 07:53:56 pfsense kernel: pid 47762 (bandwidthd), uid 0: exited on signal 11
          Sep 19 07:54:05 pfsense kernel: pid 47826 (bandwidthd), uid 0: exited on signal 11
          Sep 19 07:57:19 pfsense kernel: pid 15345 (bandwidthd), uid 0: exited on signal 11
          Sep 19 07:57:25 pfsense kernel: pid 15618 (bandwidthd), uid 0: exited on signal 11

          1 Reply Last reply Reply Quote 0
          • rbgargaR
            rbgarga Developer Netgate Administrator
            last edited by

            Please check next round of snapshots. bandwidthd was not touched recently, I'll check it anyway.

            Renato Botelho

            1 Reply Last reply Reply Quote 0
            • E
              eri--
              last edited by

              • The 'apply' button does not function on the ipsec pre-shared keys tab.  One must go to another tab, and then hit the apply button.

              fixed in new snaps.

              1 Reply Last reply Reply Quote 0
              • C
                charliem
                last edited by

                @Renato:

                Please check next round of snapshots. bandwidthd was not touched recently, I'll check it anyway.

                Thanks! I can confirm IPsec pki is back, and miniupnpd is starting up OK again.

                @ermal:

                • The 'apply' button does not function on the ipsec pre-shared keys tab.  One must go to another tab, and then hit the apply button.

                fixed in new snaps.

                No, sorry, it still the same problem.  I make a change, say adding a PSK pair and hit 'save' radio button.  Table is updated & displayed, but the 'apply' change radio button does nothing.  Going to another tab and hitting the apply button does update the files in /var/etc/ipsec.  I confirmed that this snapshot does have the fix Ermal applied here: https://redmine.pfsense.org/projects/pfsense/repository/revisions/130a84c56839b2b36bad0630b2d7f97a39df4fe4

                1 Reply Last reply Reply Quote 0
                • C
                  charliem
                  last edited by

                  @Renato:

                  bandwidthd was not touched recently, I'll check it anyway.

                  Bandwidthd does not segfault any longer, after a re-install.  I had removed the package prior to the update, so I will see how the package upgrade is handled next time I update pfSense.  Thanks!

                  1 Reply Last reply Reply Quote 0
                  • rbgargaR
                    rbgarga Developer Netgate Administrator
                    last edited by

                    @charliem:

                    @ermal:

                    • The 'apply' button does not function on the ipsec pre-shared keys tab.  One must go to another tab, and then hit the apply button.

                    fixed in new snaps.

                    No, sorry, it still the same problem.  I make a change, say adding a PSK pair and hit 'save' radio button.  Table is updated & displayed, but the 'apply' change radio button does nothing.  Going to another tab and hitting the apply button does update the files in /var/etc/ipsec.  I confirmed that this snapshot does have the fix Ermal applied here: https://redmine.pfsense.org/projects/pfsense/repository/revisions/130a84c56839b2b36bad0630b2d7f97a39df4fe4

                    I pushed a fix for that.

                    Renato Botelho

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.