Bug #2812
closed
Adding a one way phase 2 IPSec tunnel causes a config error
0%
Description
Hi
I have a current IPSec tunnel that is working great.
I tried to add a second and third that is one way (local network set to none, remote set to the network) and I get the following the log:
racoon: ERROR: /var/etc/racoon.conf:54: "{" syntax error
I then tried adding a single unused ip for one, the error moved from line 54 to 64.
If I can provide any other feedback, please let me know.
Files
Updated by Jim Pingle over 12 years ago
Attach your /var/etc/racoon.conf (or /var/etc/ipsec/racoon.conf on 2.1 ) and the ipsec section of your config.xml with the keys removed, and you can sanitize the IPs if you like but leave enough to show that they were actually IPs (e.g. make them 10.x.x.x or similar, don't just mask them out as "xxxx".
Updated by William Hilsum over 12 years ago
- File pfsense.txt pfsense.txt added
Please find it attached - first section is working phase 1, second is working phase 2, third is the faulty one way phase two.
The moment I change the dropdown box from none to anything, it stops the error.
Updated by Chris Buechler over 12 years ago
- Status changed from New to Rejected
there is no such thing as a "one way" P2, the fact that "none" exists there is the actual problem. Your config isn't valid. Actual problem in #2816.
Updated by William Hilsum over 12 years ago
Ok, from my understanding of IPSec, I thought that was the case... but then I finally had a scenario where I thought this would help!
As it isn't a bug (per se) then, I'll post a message on the IPSec forum asking for help!
Thanks very much.