Project

General

Profile

Bug #10758

Group Authentication is never used

Added by Viktor Gurov about 1 month ago. Updated 9 days ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
07/11/2020
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.5-p1
Affected Architecture:

Description

IPsec / Mobile Clients -> 'Group Authentication' is never used on the 2.4.5-p1 or 2.5 pfSense:

# grep group_source -r /
/etc/inc/upgrade_config.inc:            $config['ipsec']['client']['group_source'] = 'system';
/usr/local/www/vpn_ipsec_mobile.php:    $pconfig['group_source'] = $a_client['group_source'];
/usr/local/www/vpn_ipsec_mobile.php:    $reqdfields = explode(" ", "user_source group_source");
/usr/local/www/vpn_ipsec_mobile.php:        $client['group_source'] = $pconfig['group_source'];
/usr/local/www/vpn_ipsec_mobile.php:    'group_source',
/usr/local/www/vpn_ipsec_mobile.php:    $pconfig['group_source'],

Legacy feature?

History

#1 Updated by Jim Pingle 29 days ago

If I remember right, it was used with the old Racoon IPsec implementation and may have been left out when we moved to strongSwan for some reason or another.

It looks like the PR for #10748 might start using this again so is this issue even necessary to keep? It could be closed in favor of that one, or the PR could be referenced here and that one closed.

#2 Updated by Viktor Gurov 9 days ago

  • Status changed from New to Closed

see fix in #10748

Also available in: Atom PDF