Project

General

Profile

Actions

Regression #11545

closed

Primary interface address is not always used when VIPs are present

Added by Kris Phillips almost 4 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Category:
Interfaces
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.01
Release Notes:
Default
Affected Version:
2.5.0
Affected Architecture:
All

Description

If you have IP Aliases on a WAN interface that a Site to Site IPSec tunnel is riding over and upgrade from 2.4.5p1 to pfSense Plus, you have to go into the WAN interface and hit "Save" and "Apply Configuration" then restart the IPsec service to bring tunnels up post-upgrade. Otherwise IPSec will never connect no matter how many times you cycle the service.

Step by Step:

1. Create IPSec on WAN interface with several IP Aliases
2. Upgrade to 21.02/21.02p1
3. IPSec is broken, so you go into the WAN interface, hit save with no changes, and Apply Changes.
4. Restart IPSec service

Tunnels now work.


Related issues

Related to Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IPResolvedChris Buechler11/06/2014

Actions
Related to Bug #11629: PPPoE WAN IP address different than expected when set static by ISPResolvedViktor Gurov03/05/2021

Actions
Has duplicate Bug #12532: Virtual IP problem with OpenVPNDuplicate

Actions
Actions

Also available in: Atom PDF