pfSense

In the currently nightly snapshot, I'm unable to select a PFS group for an individual Phase 2 configuration unless the global override in the Mobile Clients section is also enabled. When the global override option is disabled, the PFS group selection menu in the Phase 2 configuration screen is also disabled and the label reads "Set globally in mobile client options" From the documentation, this behavior seems to be the opposite from what is expected and how the system behaved previously (which is why I've marked this as a regression). Notably, when the global override is disabled the element configuring it is removed from strongswan.conf as expected, but the previously selected PFS group for the individual Phase 2 is still present in the configured proposal in swanctl.conf even though the value can no longer be changed in the UI.