• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

IPsec with certs - vpn_ipsec_force_reload() failure

Scheduled Pinned Locked Moved Development
1 Posts 1 Posters 1.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    Hobby-Student
    last edited by Apr 19, 2013, 6:44 PM

    Hey guys and girls,

    I've discovered a problem in restarting racoon by a script while using certs in IPsec authentication. Steps to reproduce:

    • IPsec configured as Mutual RSA + Xauth

    • mobile Clients work as expected

    • restarting racoon about "Status -> Services" is working fine

    • restarting racoon by calling vpn_ipsec_force_reload() in a script via crontab makes racoon crash with signal 15

    • script crash at vpn_ipsec_force_reload() with: function lookup_cert() not found (not exactly, writing by heart)

    solution:
    require_once("certs.inc") before require_once("vpn.inc")

    why it works in GUI:
    status_services.php includes openvpn.inc, which includes certs.inc

    for pfsense development (perhaps, just a suggestion):
    include require_once("certs.inc") in vpn.inc, because in vpn.inc it's called in function vpn_ipsec_configure($ipchg = false) (the file containing a function which calls a missing one, would now be some kind of consistent)

    Please let me know, what you think about… Thanks.

    Kind regards
    Hobby

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received