https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162021-02-27T06:39:14ZpfSense bugtrackerpfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=516972021-02-27T06:39:14ZViktor Gurov
<ul></ul><p>fix:<br /><a class="external" href="https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/162">https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/162</a></p> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=517202021-02-27T15:31:53ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Pull Request Review</i></li></ul> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=517752021-03-01T08:18:03ZRenato Botelhorenato@netgate.com
<ul><li><strong>Status</strong> changed from <i>Pull Request Review</i> to <i>Feedback</i></li></ul><p>PR has been merged. Thanks!</p> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=520812021-03-09T13:30:18ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Waiting on Merge</i></li><li><strong>Target version</strong> changed from <i>CE-Next</i> to <i>2.5.1</i></li></ul> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=521922021-03-10T13:04:10ZRenato Botelhorenato@netgate.com
<ul><li><strong>Status</strong> changed from <i>Waiting on Merge</i> to <i>Feedback</i></li></ul><p>Cherry-picked to RELENG_2_5_1</p> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=522642021-03-11T15:30:14ZJim Pingle
<ul><li><strong>File</strong> <a href="/attachments/3505">ipsec-config-11555.xml</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/3505/ipsec-config-11555.xml">ipsec-config-11555.xml</a> added</li></ul><p>To reproduce the problem, restore the attached IPsec config section to a system without IPsec. Edit/save/apply on the IPsec tunnel.</p>
<p>Check the generated <code>/var/etc/ipsec/swanctl.conf</code> file and the <code>remote</code> block will be missing the identifier. Additionally, the <code>secrets</code> block will be missing.</p>
<pre>
remote {
auth = psk
}
</pre>
<p>On a snapshot with the fix, the same tunnel will have an id line in the <code>remote</code> block, and a <code>secrets</code> block</p>
<pre>
remote {
id = %any
auth = psk
}
[...]
secrets {
ike-0 {
secret = 0sZTA3NDhmOWEwY2YwODBiNTExOGNjY2IzNzBlZWEwMWM3MmYzYzliODVlMWUzYTI0NDVkZjEwYzc=
id-0 = %any
id-1 = %any
}
}
</pre> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=522952021-03-12T10:26:55ZJim Pingle
<ul><li><strong>Subject</strong> changed from <i>IPsec peer ID of "Any" is not working consistently</i> to <i>IPsec peer ID of "Any" does not generate a proper remote definition or related secrets</i></li></ul><p>Updating subject for release notes.</p> pfSense - Regression #11555: IPsec peer ID of "Any" does not generate a proper remote definition or related secretshttps://redmine.pfsense.org/issues/11555?journal_id=529602021-04-13T10:52:00ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Closed</i></li></ul>