Duplicate Outbound NAT entries when creating L2TP server

raab

Apologies for the stupid question, this is born out of curiosity more than anything as opposed to something being wrong.

Why is it when you create an L2TP server, it adds the client subnet twice in the automatic outbound NAT rules?
alt text

If I change it to manual rules:
alt text

What's the difference between "Auto created rule for ISAKMP - L2TP to WAN" vs "Auto created rule for ISAKMP - L2TP server to WAN"?

They look the same to me?

Thanks

jimp

Looks like there may be an unintended duplication there.

It gets added to $FilterIflist at https://github.com/pfsense/pfsense/blob/master/src/etc/inc/filter.inc#L1179

And then manually added to the NAT network list at https://github.com/pfsense/pfsense/blob/master/src/etc/inc/filter.inc#L1664

Open a bug report at https://redmine.pfsense.org -- It will probably need a little deeper investigation to determine if removing it from the latter location might impact things more than it appears at a glance.

raab

Ok thanks, will file a bug report :)

I tried fresh installs of 2.4.4 p3, 2.4.5-RC and 2.5.0 in Virtual Box just to confirm it isn't unique to my setup