Gif* interface is missing
In some cases when I try to create a site-to-site ipsec tunnel the connection cannot be established because the gif* interface is missing.
The spd.conf is created automatically, fw rules are ok.
If I manually create & configure the interface, then everything works like a charm.
I have tried to comment out the if(isset($tunnel['creategif'])) line in /etc/inc/vpn.inc and added an mwexec("/sbin/ifconfig gif" . $number_of_gifs . " create") after to it. As a result of it, the gif0 device was created but it had no config.
Do you have any ideas?
To answer my question: gif interface is not mandatory, but recommended if you are about to debug your ipsec connection.