IPSEC Script error
-
dsl.rad-az.de is wrong parsed as dsl.rad
Jun 27 16:27:50 check_reload_status: Syncing firewall Jun 27 16:27:50 check_reload_status: Reloading filter Jun 27 16:27:50 php: /vpn_ipsec.php: The command '/usr/local/sbin/setkey -f /tmp/spd.conf.reload.1372350470.79i0Di 2>&1' returned exit code '1', the output was 'libipsec: invalid IP address while parsing "dsl.rad" line 1: hostname nor servname provided, or not known at [ out ipsec esp/tunnel/46.165.174.98-dsl.rad-az.de/unique] parse failed, line 1.' Jun 27 16:27:50 php: /vpn_ipsec.php: Removing SPDs from tunnel gw 'dsl.rad-az.de'. Local Subnet '192.168.192.0/24' and Remote Subnet '10.19.12.0/24'. Reloading policy -
Isn't this a error?
The command '/usr/local/sbin/setkey -f /tmp/spd.conf.reload.1372350470.79i0Di 2>&1' returned exit code '1'
-
It looks like racoon's setkey doesn't parse that hostname right due to the "-" in the domain, setkey uses "-" as a special separator. There may not be anything we can do for that, but we may have to check on that.
Do you just have that hostname in as the remote gateway, or do you have it as the identifier also?
-
For identifier I use "rad-az".
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.