Ipsec passive on

  • Hi guys, i need to set "passive = on" in my ipsec configuration.
    I didn't found this option in web gui. So, i modified manually /var/etc/ipsec/racoon.conf.

    Now, i'm not sure that after reboot, pfsense will retain this configuration, and for now i can't reboot firewall :(

    Some suggestions for keep this configuration in racoon.conf after reboot?

    Thanks in advance.

  • I solved it changing file attributes (racoon.conf) with chflags.

  • please can you share how you did it.

  • chflags schg filename

    If you want to be sure that command changed attributes correctly:

    ls -lo filename

    -rw-r–r--  1 root  wheel  schg 193 Aug  1 09:20 filename

    After, if you need to change it again, it will be sufficient to remove protection attributes with:

    chflags noschg filename

Log in to reply