Project

General

Profile

Feature #6150

Named IPSec entries

Added by Keith Milner about 5 years ago. Updated over 4 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
04/14/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

The StrongSWAN package that the pfSense IPSec implementation is based on supports naming of IPSec Phase 1 connection entries as part of their configuration.

E.g.:

conn myVpn1
....

At present pfSense does not allow the names used for IPSec connections to be configured and, instead, generates internal names such as "con2000". It would be useful to allow the user to define their own names for these for the following reasons:

1. Monitoring the status of the IPSec connection within the command line using "ipsec status" would be easier.

2. Using Syslog to monitor the state of specific IPSec VPNs within network management tools would be easier as the tool can reference the user-supplied VPN name rather than some random and difficult to find system-generated name.

This capability is already present within StrongSwan. It seems it would require GUI changes as well as some changes to the configuration file and associated libraries.

History

#1 Updated by Jim Thompson about 5 years ago

  • Assignee set to Marc Dye

#2 Updated by Renato Botelho over 4 years ago

  • Assignee deleted (Marc Dye)

Also available in: Atom PDF