4. IPsec HEADS UP for 2.2.1 users

IPsec HEADS UP for 2.2.1 users

  • C

    When we removed the code for the "Prefer old SAs" option, which set the value to -30, I noticed it was no longer getting set to -30 but neglected to notice it was being set to 1, which is an alternate value for enabled. No one else noticed either unfortunately.

    This is the cause of rekeying issues some of you have after upgrading to 2.2.1. 2.2.2 will be coming soon to fix this, but you can easily fix it in the mean time.

    Go to System>Advanced, System Tunables tab, and add a new value there.

    Name: net.key.preferred_oldsa
    Value: 0

    Then save and apply changes. That immediately takes effect. That can stay there indefinitely, it won't impact anything post-upgrade with the proper fix.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy