IPsec reload bug
-
I have found a bug that if you change an IP address of an existing tunnel and apply the settings,the box still tries to connect on the old IP.
If you restart the racoon services I get Fatal error: Call to undefined function ipsec_get_phase1_src() in /etc/inc/vpn.inc on line 181 -
If you can reproduce this even on the most currently available snapshot, open a bug report at http://redmine.pfsense.org/
-
One part confirmed.
http://redmine.pfsense.org/issues/show/353The other I'm not seeing. Changed IP resulted in:
Feb 12 02:58:48 php: /vpn_ipsec_phase1.php: Reloading IPsec tunnel ''. Previous IP '10.0.55.50', current IP '10.0.55.55'. Reloading policyand it did update racoon.conf and the SPD correctly to reflect that.
-
I am running a bit behind so I will update now and confirm.
-
I have done some more testing on the release 15/02/10 and the reload bug is sorted but the changes don't take effect of an IP change until the racoon is restarted.
-
I have done some more testing on the release 15/02/10 and the reload bug is sorted but the changes don't take effect of an IP change until the racoon is restarted.
Hi,
I think it should work now, I commited some fixes yesterday night about racoon and SPD reloading.
Could you gitsync your box and try again ? Or wait the next snapshot.
Thanks !
Pierre -
I have just sync'ed and will now test.
-
Can confirm this as fixed.