Project

General

Profile

Feature #4359

IPsec controlling uniqueid value

Added by Ermal Luçi almost 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Ermal Luçi
Category:
IPsec
Target version:
Start date:
01/31/2015
Due date:
% Done:

100%

Estimated time:

Description

Strongswan allows ID behaviour to be controllable especially useful for multiple devices connecting with same ID.

Associated revisions

Revision 908edbd3 (diff)
Added by Ermal Luçi almost 5 years ago

Fixes #4359 Allow controlling uniqueids

Revision 86e1846f (diff)
Added by Ermal Luçi almost 5 years ago

Fixes #4359 Allow controlling uniqueids

History

#1 Updated by Ermal Luçi almost 5 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#2 Updated by Ermal Luçi almost 5 years ago

#3 Updated by Chris Buechler over 4 years ago

  • Status changed from Feedback to Resolved

works

#4 Updated by Steve Wheeler over 4 years ago

There appears to be a bug in this. The setting is written to the config.xml file but never ends up in ipsec.conf which always reads 'yes'. Tested on 2.2.1-rel 64bit

#5 Updated by Jim Pingle over 4 years ago

  • Status changed from Resolved to New
  • Target version changed from 2.2.1 to 2.2.2
  • % Done changed from 100 to 50

#6 Updated by Benjamin von Mossner over 4 years ago

This pull request https://github.com/pfsense/pfsense/pull/1593 should fix the issue

#7 Updated by Ermal Luçi over 4 years ago

  • Status changed from New to Feedback

Merged thx.

#8 Updated by David Harrigan over 4 years ago

Hi,

There appears to be a bug with pfSense 2.2.1. Following on from the initial topic:

https://forum.pfsense.org/index.php?topic=87857.new;topicseen#new

Specificially:

"
Hi,

pfSense 2.2.1

I've been looking to test out this patch that was applied then came out with pfSense 2.2.1 - but it doesn't appear to set the value! :-(

VPN...IPsec...advanced settings...Configure Unique IDs as.

If I set as "no" and click apply, the value in /var/etc/ipsec/ipsec.conf remains as "uniqueips = yes".

Indeed, if I refresh the page, the NO changes to YES.

Am I doing something incorrect?

=david=
"

It appears that there is a bug in that the setting is not applied or maintained.

Thank you.

=david=

#9 Updated by David Harrigan over 4 years ago

Hi,

Oops, just noticed that this has hopefully fixed with this PR: https://github.com/pfsense/pfsense/pull/1593.

Thanks!

=david=

#10 Updated by Chris Buechler over 4 years ago

  • Status changed from Feedback to Resolved
  • % Done changed from 50 to 100

works

Also available in: Atom PDF