Actions
Bug #8239
closedIf IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec
Start date:
12/27/2017
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.x
Affected Architecture:
All
Description
If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec because it makes an SPD for 0.0.0.0/0 to 0.0.0.0/0 set to 'none', which effectively makes all traffic skip IPsec processing.
bypasslan should be skipped if LAN is disabled or if LAN does not have an IP address
Updated by Jim Pingle almost 7 years ago
- Status changed from New to Confirmed
- Assignee set to Jim Pingle
Updated by Jim Pingle almost 7 years ago
- Status changed from Confirmed to Feedback
- % Done changed from 0 to 100
Applied in changeset fbdf0a084da239ca785360106b3dd8d1390223cf.
Updated by Jim Pingle over 6 years ago
- Status changed from Feedback to Resolved
Works fine now. If the interface is disabled or otherwise has no address, then bypasslan is omitted.
Actions