IPSec create route which will not be cleared



  • Still the same problem.
    If I assign an interface with DHCP, then I will get a route to the destination which uses the right gateway.
    If I change the settings to an interface with a static ip the route will not be cleared.



  • I suppose the problem is here (vpn_ipsec_phase1.php):

                    if ($pconfig['interface'] <> "wan") {
                            if($old_ph1ent['remote-gateway'] <> $pconfig['remotegw']) {
                                    mwexec("/sbin/route delete -host {$old_ph1ent['remote-gateway']}");
                            }
                    }
    

    The route is only deleted, if the remote gateway changes.
    It should be deleted, if the interfaces changes, too.



  • I uncomment this in vpn.inc:

    log_error("IPSEC interface is not WAN but {$parentinterface}, adding static route for VPN endpoint {$rgip} via {$gatewayip}");
    

    and got in log:

    
    May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1
    May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1
    May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1
    
    

    Is $pconfig['interface'] not wan?



  • I made a bug report for this (redmine #2984).


Log in to reply