Actions
Bug #6517
open
Adding mobile IPsec phase 2 entries requires restart of strongswan
Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
06/21/2016
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
Description
Using mobile IPsec on 2.3.1-RELEASE-p1 and using OS X 10.11.4 on the client side, I find that when I add additional P2 entries in VPN > IPsec > Tunnels, these do not take effect/get pushed out to the client (seemingly) until I reboot pfSense. Restarting IPsec on pfSense does not seem to have any effect.
The IPsec log shows all non-new P2 entries being pushed out to my OS X client, such as:
04[IKE] <con1|13> CHILD_SA con1{24} established with SPIs c2b8a067_i 0780f641_o and TS aaa.bbb.ccc.ddd/28|/0 === 10.aaa.bbb.ccc/32|/0
Updated by
Actions