Bug #12764
open
VTI gateway status is pending after assigning the VTI interface
Added by Viktor Gurov about 2 years ago.
Updated 3 months ago.
Category:
Gateway Monitoring
Description
How to reproduce:
1) Configure IPsec VTI
2) Assign the VTI interface
3) Check the Status / Gateways page - it shows "Pending" for _VTIV4 gateway
4) Workaround: reboot the appliance or click "save" and "apply" on the System / Routing / Gateways page
Tested on latest 23.01-DEV (built on Mon Dec 05 06:05:03 UTC 2022)
This issue hasn't been resolved yet. When new Routed IPsec tunnel is created and IPsec VTi assigned, gateway status is Pending.
Restarting dpinger fixes this issue.
I found it on my VM which had Gateway monitoring disabled so dpinger was not active (Status/Services). So when I added Routed IPsec and assigned IPsec VTi, dpinger remained inactive. Looks like assigning IPsec VTi/adding IPsec VTi gateway is not activating dpinger.
- Category changed from Gateways to Gateway Monitoring
I can confirm this behavior. You can also simply restart the dpinger service to "kick" it out of this state.
VTI tunnels are not the only thing that can cause this.
Releasing and renewing an interface with DHCPv6 will also cause the IPv6 gateway of that interface to go Pending until you restart dpinger.
OpenVPN servers and clients that are added as interfaces will also get into this state
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by