Domain names as identifier yields some errors



  • When I in 'Mobile clients' set 'my identifier' to 'Dynamic DNS' end enter some domain in box and thereafter press Save and revisits the page the box  shows 'IP address' with an empty box to the right instead.

    Is this somehow correct, it looks like it's not using my input.

    In log I see stuff like:

    racoon: ERROR: fatal parse failure (2 errors)
    racoon: ERROR: /var/etc/racoon.conf:11: """ syntax error
    racoon: ERROR: config reload failed

    If I enter 'domain name' and the domain in questions (which happen to be dynamically updated) I now get this instead:

    racoon: ERROR: parse error is nothing, but yyerrorcount is 2.

    I'm actually also having problems getting a connection through with Shrew using http://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To, I see repeated:

    racoon: ERROR: couldn't find the pskey for

    in log.

    I'll try to test various settings foerthat, this post was mostly targeted towards the domain/dynamic domain error.

    As a general note I see that since there are so many settings in various server/client GUIs there's always some tiny peace if info that's missing or changed when following guides and how-tos, but that's just the way it is with IPSec I guess.

    TIA,


  • Rebel Alliance Developer Netgate

    Are you putting in just a domain name, for example "example.com" or a FQDN, like "remoteuser.example.com"?

    IIRC, you need the FQDN, not just a domain name. Either way, the input validation probably needs to check for that if it's required.



  • I think it may have been just the domain name, have been trying varous settgins back and forth though. Will try to not use only domain name then and see if that does it.

    Thanx,


Locked