Project

General

Profile

Actions

Bug #2201

closed

Picking interface subnet in IPsec for an interface with no IP generates invalid racoon.conf

Added by Chris Buechler over 9 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
02/13/2012
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

If you pick an interface subnet in an IPsec P2 that has no IP, it generates an invalid racoon.conf. Input validation should prohibit picking the subnet on an interface that doesn't have a subnet on vpn_ipsec_phase2.php.

Also may want to skip that entirely in racoon.conf and log an error, in case someone changes an interface later from having an IP to none. Or prohibit changing an interface to type "none" if its subnet is used in any IPsec P2.

Actions #1

Updated by Jim Pingle over 9 years ago

  • Status changed from New to Feedback
Actions #2

Updated by Jim Pingle about 9 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF