Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nightly 2.2-BETA 20141108-0611 ipsec leftcert missing (with solution)

    Scheduled Pinned Locked Moved 2.2 Snapshot Feedback and Problems - RETIRED
    3 Posts 3 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elijahmm
      last edited by

      Hi All:
      In testing 2.2 I noticed the following and I wanted to make sure it's on everybody's radar.  After searching the forum for a solution I went digging. 
      Here's what I found:
      leftcert is missing from the ipsec.conf file, it appears that the following lines are missing in vpn.inc for case 'xauth_rsa_server' and possibly case 'hybrid_rsa_server' (I don't use this so I can't test).

      if (!empty($ph1ent['certref']))
  $authentication .= "\n\tleftcert = {$certpath}/cert-{$ph1ent['ikeid']}.crt";

      With this change I am again able to use my on-demand iOS vpn and other RSA authenticated tunnels.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        That's the area I'm getting back to next actually, I'll get a fix in for that early this week. Thanks for the report.

        1 Reply Last reply Reply Quote 0
        • E
          eri--
          last edited by

          Can you please test if it works correctly with new snapshots?
          The cahnge has been merged.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.