Feature #6150
closedNamed IPSec entries
0%
Description
The StrongSWAN package that the pfSense IPSec implementation is based on supports naming of IPSec Phase 1 connection entries as part of their configuration.
E.g.:
conn myVpn1
....
At present pfSense does not allow the names used for IPSec connections to be configured and, instead, generates internal names such as "con2000". It would be useful to allow the user to define their own names for these for the following reasons:
1. Monitoring the status of the IPSec connection within the command line using "ipsec status" would be easier.
2. Using Syslog to monitor the state of specific IPSec VPNs within network management tools would be easier as the tool can reference the user-supplied VPN name rather than some random and difficult to find system-generated name.
This capability is already present within StrongSwan. It seems it would require GUI changes as well as some changes to the configuration file and associated libraries.
Updated by Jim Pingle over 2 years ago
- Status changed from New to Rejected
Using custom names will cause more problems than it solves.
I'm in the process of doing some work on IPsec which will make the connection names more logical and predictable, so it will be easier to match things up.