5. Nightly 2.2-BETA 20141108-0611 ipsec leftcert missing (with solution)

Nightly 2.2-BETA 20141108-0611 ipsec leftcert missing (with solution)

  • E

    Hi All:
    In testing 2.2 I noticed the following and I wanted to make sure it's on everybody's radar.  After searching the forum for a solution I went digging. 
    Here's what I found:
    leftcert is missing from the ipsec.conf file, it appears that the following lines are missing in vpn.inc for case 'xauth_rsa_server' and possibly case 'hybrid_rsa_server' (I don't use this so I can't test).

    if (!empty($ph1ent['certref']))
  $authentication .= "\n\tleftcert = {$certpath}/cert-{$ph1ent['ikeid']}.crt";

    With this change I am again able to use my on-demand iOS vpn and other RSA authenticated tunnels.

    0
  • C

    That's the area I'm getting back to next actually, I'll get a fix in for that early this week. Thanks for the report.

    0
  • E

    Can you please test if it works correctly with new snapshots?
    The cahnge has been merged.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy