IPSec create route which will not be cleared
-
Still the same problem.
If I assign an interface with DHCP, then I will get a route to the destination which uses the right gateway.
If I change the settings to an interface with a static ip the route will not be cleared. -
I suppose the problem is here (vpn_ipsec_phase1.php):
if ($pconfig['interface'] <> "wan") { if($old_ph1ent['remote-gateway'] <> $pconfig['remotegw']) { mwexec("/sbin/route delete -host {$old_ph1ent['remote-gateway']}"); } }The route is only deleted, if the remote gateway changes.
It should be deleted, if the interfaces changes, too. -
I uncomment this in vpn.inc:
log_error("IPSEC interface is not WAN but {$parentinterface}, adding static route for VPN endpoint {$rgip} via {$gatewayip}");and got in log:
May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1 May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1 May 7 15:28:25 php: /vpn_ipsec.php: IPSEC interface is not WAN but opt1, adding static route for VPN endpoint 10.2.2.10 via 10.3.2.1Is $pconfig['interface'] not wan?
-
I made a bug report for this (redmine #2984).