Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Prefer older IPsec SAs

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    6 Posts 4 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kaneda
      last edited by

      This item is always checked, you can uncheck it, save and next time you enter on that section will be checked again?
      I thought that this was solved.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        On this morning's snapshot I can check and uncheck it and it saves the value properly. Can you update and try it again?

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          spiritbreaker
          last edited by

          Hi Jimp,

          i updated pfsense to snapshot Sep 13 08:05:00 but problem seems not to be solved.

          After uncheck and save it looks right but after reload of page its checked again.

          Is it possible to change variable on console?

          EDIT:

          got it

          sysctl -w net.key.preferred_oldsa=0
          

          I changed vpn.inc to turn it off.

          cya

          Pfsense running at 11 Locations
          -mobile OPENVPN and IPSEC
          -multiwan failover
          -filtering proxy(squidguard) in bridgemode with ntop monitoring

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Not sure why I couldn't reproduce this before. I can reproduce it now. I'll have a look at it soon.

            I opened a ticket for it, too:
            http://redmine.pfsense.org/issues/907

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • _
              _igor_
              last edited by

              I can confirm that it doesn't work:

              built on Sun Sep 19 19:15:37 EDT 2010

              I can uncheck the setting, but on reloading the page its ticked again.

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                I just committed a fix. It should be in newer snapshots, or you can either gitsync or apply the patch from the repo manually:

                https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/7b2fdac49b28d638a38c9f51a7222e25d386bcca

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.