Project

General

Profile

Actions

Bug #2300

closed

Static routes for IPsec peers missing when attached to IP Alias VIP

Added by Jim Pingle almost 13 years ago. Updated over 11 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
Start date:
03/19/2012
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

The "static route needed?" check in vpn.inc for IPsec peers only checks CARP VIPs to see if a static route is needed, and not IP Alias VIPs. So if you attach a tunnel to an IP Alias VIP on an alternate (non-default) WAN, it does not get a static route, and thus doesn't work properly.

Actions #1

Updated by Jim Pingle over 12 years ago

The problem seems to be, in part, that this checks for an interface name of carp or vip, but with IP alias it would actually be an IP address. Needs some more logic there.

Actions #2

Updated by Ermal Luçi about 12 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #3

Updated by Ermal Luçi about 12 years ago

Actions #4

Updated by Chris Buechler over 11 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF