• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Possible bug with multiple phase 2 entries

Scheduled Pinned Locked Moved IPsec
2 Posts 2 Posters 804 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    Vlado
    last edited by Jul 5, 2017, 11:47 AM

    I have an IPsec tunnel configured on a 2.3.4 pfSense. The IPsec tunnel has 33 phase 2 entries with different remote subnets. This leads to an ipsec.conf configuration file having 33 separate connections for each phase 2 entry, which is fine. However, the problem is that each of these 33 connections has an "esp" parameter like this:

    esp = 3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024,3des-md5-modp1024!

    The ESP algorithm is repeated 33 times for every separate connection. Is this an expected behavior or it is a bug and is it actually affecting the IPsec tunnel in any way?

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Jul 5, 2017, 1:00 PM

      https://redmine.pfsense.org/issues/6263

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received