https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162013-01-07T21:41:42ZpfSense bugtrackerpfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=102362013-01-07T21:41:42ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Target version</strong> set to <i>2.1</i></li><li><strong>Affected Version</strong> changed from <i>2.1</i> to <i>2.1-IPv6</i></li></ul> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=103312013-01-22T08:12:08ZJim Pingle
<ul></ul><p>When your tunnels are up, can you attach the output of:</p>
<p>setkey -D</p>
<p>and</p>
<p>setkey -DP</p>
<p>That should help us with making changes to the parsing code, to ensure the output you see is the same as the output we see.</p> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=103342013-01-22T10:35:33ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li></ul><p>I just created a pure IPv6 tunnel between two VMs running today's snapshot and it comes up and works and the status shows the tunnel as connected. SAD and SPD tabs are populated as expected.</p>
<p>I'm guessing you have a configuration error that is resulting in the traffic routing outside the tunnel and not through it, such as having "IPv4" selected on Phase 1 and/or "Tunnel IPv4" selected on Phase 2. Either of those cases would result in the tabs not showing the proper output.</p> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=103752013-01-24T19:55:47ZAndre Kellerak@ak.cx
<ul></ul><p>Thanks for getting back to me...</p>
<p>You are right, it was a configuration issue but a mean one :-)</p>
<p>If you select the local network in phase 2 using the dropdown it adds the network to the configuration as follows:<br /> OPT1: 2001:db8:10::/64 -> racoon.conf 2001:db8:10:0:0:0:0:0/64</p>
<p>So when I have the compact version manually type on the other side it shows as down and actually traffic gets not routed through the tunnel...</p>
<p>Seems a bug to me, but not this one :-)</p> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=105422013-02-07T03:52:41ZErmal Luçieri@pfsense.org
<ul></ul><p>I pushed some fixes for exactly the issue you mentioned Andre.</p> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=105472013-02-07T06:39:25ZJim Pingle
<ul></ul><p>I also committed a couple fixes yesterday that made it work for more situations. It was working if you entered the subnets manually but it was broken if you used a macro like "lan subnet". They should all work now.</p> pfSense - Bug #2746: IPv6 IPSEC shows down but is actually not...https://redmine.pfsense.org/issues/2746?journal_id=110272013-03-05T20:56:26ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>look to all work</p>