Actions
Regression #14713
closedMobile IPsec not allocating address to connecting clients on dev snapshots
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
23.09
Release Notes:
Force Exclusion
Affected Version:
Affected Architecture:
Description
This regressed since the previous release at some point. Mobile client attempts to connect but is unable to obtain an address and the connection fails. Affects at least IKEv2 EAP-MSCHAPv2 and EAP-RADIUS but likely others as well.
Logs are similar to the following:
Aug 25 08:41:12 charon 46814 13[IKE] <con-mobile|10> peer requested virtual IP %any Aug 25 08:41:12 charon 46814 13[IKE] <con-mobile|10> no virtual IP found for %any requested by 'jimp' Aug 25 08:41:12 charon 46814 13[IKE] <con-mobile|10> peer requested virtual IP %any6 Aug 25 08:41:12 charon 46814 13[IKE] <con-mobile|10> no virtual IP found for %any6 requested by 'jimp' Aug 25 08:41:12 charon 46814 13[IKE] <con-mobile|10> no virtual IP found, sending INTERNAL_ADDRESS_FAILURE
Updated by Jim Pingle about 1 year ago
This regressed in a recent rector refactoring ( 264198a5a69c0ea45726ccb4c0682f1f0cd5e8a9 ), some references to $a_client
in ipsec.inc
were updated but others were not. I manually updated the rest and now I can connect again. Commit coming shortly.
Updated by Jim Pingle about 1 year ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset ceea1bd07b25ecb3061f3eda1a5137d2ead8311d.
Actions