Tunnel all/specific subnets fails after upgrade to 2.2.4


  • Hello everyone,

    we have found another problem with the strongswan ipsec on pfsense.

    On our win7x64 notebooks we use shrewsoft  to connect with PSK+xauth since 5 years without any problem.

    On the shrewsoft policy tab we define the subnet's that can be reached through the vpn.

    Now after the upgrade we can only reach the subnet connected to the pfsense-lan-interface.

    If we can provide you more details to solve our problem please tell us.

    thanks in advance.

    Andi

    //EDIT:

    I found the problem. For every subnet you need to add an phase 2 entry.

    Adding an entry with  local subnet  0.0.0.0/0 works flawless! (see Attachment) Are there problems that could result in this setting?