Project

General

Profile

Actions

Regression #11486

closed

Connect and disconnect buttons on the IPsec status page do not work for all tunnels

Added by Jim Pingle almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
IPsec
Target version:
Start date:
02/20/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
2.5.0
Affected Architecture:

Description

The connect and disconnect buttons on IPsec status are not working for all tunnels. When they don't work, there appears to be no action taken, no log entries, etc.

Somewhat related to #11435 and #9592

To me, I have a fix.

Actions #1

Updated by Jim Pingle almost 4 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #2

Updated by Renato Botelho almost 4 years ago

  • Target version changed from CE-Next to 2.5.1
Actions #3

Updated by Jim Pingle over 3 years ago

To reproduce the problem, restore the IPsec config section from issue #11487 to a system without IPsec. Edit/save/apply on the IPsec tunnel. Restore it to a second one, and adjust them so they complement each other (e.g. fix remote addresses, change P2 subnets to match the LANs, etc).

On a system without the fix, the IPsec status page will show a "Connect VPN" button but it does not connect the tunnel. Watching the IPsec log you can see it is attempting to initiate child con1000 which does not exist, so nothing happens.

On a system with the fix, the "Connect VPN" button will properly attempt to establish the tunnel.

Now create a new IPsec tunnel mode instance manually and repeat the test. Then create a new VTI tunnel instance and repeat the test as well. If all three (Restored section, fresh tunnel, fresh VTI) have a functioning manual "Connect VPN" button, then we can consider it resolved.

Actions #4

Updated by Jim Pingle over 3 years ago

  • Subject changed from IPsec status connect/disconnect not working for all tunnels to Connect and disconnect buttons on the IPsec status page do not work for all tunnels

Updating subject for release notes.

Actions #5

Updated by Jim Pingle over 3 years ago

  • Status changed from Feedback to Closed
Actions

Also available in: Atom PDF