Regression #11486
closed
Connect and disconnect buttons on the IPsec status page do not work for all tunnels
100%
Updated by Jim Pingle about 3 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 50c2b3f9586090593bf45a7c5c6d5873f7fd4cdf.
Updated by Renato Botelho about 3 years ago
- Target version changed from CE-Next to 2.5.1
Updated by Jim Pingle about 3 years ago
To reproduce the problem, restore the IPsec config section from issue #11487 to a system without IPsec. Edit/save/apply on the IPsec tunnel. Restore it to a second one, and adjust them so they complement each other (e.g. fix remote addresses, change P2 subnets to match the LANs, etc).
On a system without the fix, the IPsec status page will show a "Connect VPN" button but it does not connect the tunnel. Watching the IPsec log you can see it is attempting to initiate child con1000 which does not exist, so nothing happens.
On a system with the fix, the "Connect VPN" button will properly attempt to establish the tunnel.
Now create a new IPsec tunnel mode instance manually and repeat the test. Then create a new VTI tunnel instance and repeat the test as well. If all three (Restored section, fresh tunnel, fresh VTI) have a functioning manual "Connect VPN" button, then we can consider it resolved.
Updated by Jim Pingle about 3 years ago
- Subject changed from IPsec status connect/disconnect not working for all tunnels to Connect and disconnect buttons on the IPsec status page do not work for all tunnels
Updating subject for release notes.