Project

General

Profile

Bug #1289

IPsec mobile remote access (roadwarrior) responder (server) configuration

Added by Tero Mononen over 8 years ago. Updated about 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
Start date:
02/16/2011
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.0
Affected Architecture:
All

Description

Hello.

IPsec mobile client configuration (Hybrid XAuth Server) does not put 'passive on' directive into racoon.conf as recommended on racoon manual (see generate_policy directive). Lack of this directive may result into server trying to initiate ISAKMP Phase-1 SA negotiation towards the client, which will not work, or at least will result into obscure behaviour when XAuth is involved.

Version: pfSense 2.0 beta (downloaded Feb 12, 2011).
Hardware: VirtualBox

Associated revisions

Revision 5f17fb7e (diff)
Added by Scott Ullrich about 12 years ago

Correctly setup nat interface mappings when AON is disabled and a gateway is present.

Ticket #1289

History

#1 Updated by Chris Buechler about 8 years ago

  • Category set to IPsec
  • Status changed from New to Resolved
  • Target version set to 2.0

fixed

Also available in: Atom PDF