Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Mobile clients: Phase2 PFS Group influences to ALL IPSEC tunnels

    Scheduled Pinned Locked Moved IPsec
    3 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yarick123
      last edited by

      Dear pfSense Team,

      at first I would like to thank you, no, THANK YOU for the perfect software product. We use it many years without problems.

      I think, I have found a bug.

      The "mobile clients" configuration option "Phase2 PFS Group" influences to all IPSEC tunnels. If "mobile clients" functionality is disabled
      and the option is checked, all the rest IPSEC tunnels work incorrect anyway.

      It happens on pfSense-2.0.1.

      Best regards

      1 Reply Last reply Reply Quote 0
      • Y
        yarick123
        last edited by

        If this behavior is ok, then the string

        "Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings )"

        should be replaced with

        "Provide the Phase2 PFS group to clients ( overrides phase2 settings for all the tunnels)"

        and moved from the dialog "Mobile clients".

        1 Reply Last reply Reply Quote 0
        • J
          Jeroen76
          last edited by

          Thanks,
          I had the same problem that all other tunnels (whith different phase 2 settings) no longer worked in phase 2.
          Disable the global setting "Provide the Phase2 PFS group to clients ( overrides all mobile phase2 settings )" in mobile clients tab has solved it.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.