2.3.2-RELEASE-p1 (amd64) PSK issues

  • I'm trying to get my firewall updated to the latest and greatest, but have come across a problem with my IPsec tunnels. I have narrowed it down from looking at previous bugs and issues, but I still don't have a fix.

    The problem I see is this:

    My Identifier: distinguished name : hq.myhq.com
    Peer Identifier: user distinguished name: Example_01@example.site.net

    Inside my ipsec.secrets, entries are formatted like this:

    %any Example_01@example.site.net : PSK "encrypted PSK"
    example1.site.net : PSK "encrypted PSK"=

    If I delete the %any, the connections work no problem.

    Of course any time the config changes it would break.

    Also, when I create a mobile IPsec connection for my iOS devices, there is no leading %any.

    Why is it inserting the %any when there is a specific identifier listed?

  • Any ideas? Prior to the update, racoon didn't lead with the %any in the PSK file.

