4. IPSec status display in 2.4.1

IPSec status display in 2.4.1

  • B

    After upgrading one of my SG-4680's from 2.3.4 to 2.4.1 over the weekend, the IPSec status display does some "interesting" things.

    First, as tunnels come up, rather than update the existing line items for the tunnels (and moving them above inactive ones), webGUI creates new entries displaying the phase 1 SA details without the descriptive identifier from the configuration. This makes it difficult to identify a particular SA without knowing the peer's IP address.

    Second, these new entries include non-functional buttons to show phase 2 SA's. The only phase 2 status is available from the SPDs tab.

    I have more than 100 tunnels in my configuration, with anywhere from 25-30 active at any one time. Exporting and re-importing the IPSec section of config.xml doesn't resolve the issue, so it's not an obvious XML parsing problem. The issue also persists across reboots and theme changes (changing from the default theme to one like "pfSense Dark" or "Compact Red" doesn't resolve the issue). This device's HA peer still runs 2.3.4 and doesn't exhibit this behavior.

    0
  • Banned

    Update to 2.4.2.

    0
  • B

    Huh. Must have missed the release announcement. I'll drop it in and re-test.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy