Project

General

Profile

Actions
Copy link

Regression #14713

closed

Mobile IPsec not allocating address to connecting clients on dev snapshots

Added by Jim Pingle 9 months ago. Updated 7 months ago.

Status:
Resolved
Priority:
Very High
Assignee:
Jim Pingle
Category:
IPsec
Target version:
2.7.1
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.09
Release Notes:
Force Exclusion
Affected Version:
Affected Architecture:

Description

This regressed since the previous release at some point. Mobile client attempts to connect but is unable to obtain an address and the connection fails. Affects at least IKEv2 EAP-MSCHAPv2 and EAP-RADIUS but likely others as well.

Logs are similar to the following:

Aug 25 08:41:12     charon     46814     13[IKE] <con-mobile|10> peer requested virtual IP %any
Aug 25 08:41:12     charon     46814     13[IKE] <con-mobile|10> no virtual IP found for %any requested by 'jimp'
Aug 25 08:41:12     charon     46814     13[IKE] <con-mobile|10> peer requested virtual IP %any6
Aug 25 08:41:12     charon     46814     13[IKE] <con-mobile|10> no virtual IP found for %any6 requested by 'jimp'
Aug 25 08:41:12     charon     46814     13[IKE] <con-mobile|10> no virtual IP found, sending INTERNAL_ADDRESS_FAILURE
Actions
Copy link

Also available in: Atom PDF