Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    "Status: IPsec" GUI improvements

    IPsec
    3
    4
    1207
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      corradolab
      last edited by

      Hi,

      I suggest the following improvements to the "Status: IPsec" page:

      • Allow start/stop enable/disable for a single tunnel. Actually it's only possibile to start it. To restart a tunnel I must go to "VPN: IPsec", disable it, save changes, re-enable it and save changes again. This is time consuming and cannot be delegated to the end user, because letting him access the "VPN: IPsec" page means he could mess up tunnels setup.

      • Show disabled tunnels. They does not appear now.

      Also I can't see any user in the "Mobile Users" table, despite an active connection.
      Maybe connections without xauth does not shows up?

      Regards,
        Corrado

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        1. Isn't easily possible to do in a general way that would work for every tunnel every time
        2. Wouldn't be hard to do just isn't something we do now.

        mobile users list only works for xauth.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          silvertip257
          last edited by

          @corradolab:

          Hi,

          I suggest the following improvements to the "Status: IPsec" page:

          • Allow start/stop enable/disable for a single tunnel. Actually it's only possibile to start it. To restart a tunnel I must go to "VPN: IPsec", disable it, save changes, re-enable it and save changes again. This is time consuming and cannot be delegated to the end user, because letting him access the "VPN: IPsec" page means he could mess up tunnels setup.

          • Show disabled tunnels. They does not appear now.

          Also I can't see any user in the "Mobile Users" table, despite an active connection.
          Maybe connections without xauth does not shows up?

          Regards,
            Corrado

          KAME Racoon does not allow one tunnel to be downed without bouncing all the tunnels.

          (Unless something in Racoon's code has changed of course, that was always one of the bigger drawbacks to Racoon.  In addition to the wonderfully vague error/debug messages as I've come to find :).)

          re 1:
          Why don't you just have the end user to to Status > Services > restart Racoon?

          re 2:
          Is there really a need to show disabled tunnels in the Dashboard widget or elsewhere?
          After all it is disabled.  It will just clutter the tidy interface/display!

          1 Reply Last reply Reply Quote 0
          • C
            corradolab
            last edited by

            Hi Silvertip,

            if I understand you mean that when I disable a tunnel, save changes, re-enable and save changes again I'm actually bouncing all tunnels twince.

            If so I agree it is faster to restart Racoon once.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post