Project

General

Profile

Bug #874

Creating IPSec Phase1 failes in BETA4-20100904-0228

Added by Rickard u over 9 years ago. Updated over 9 years ago.

Status:
Rejected
Priority:
High
Assignee:
-
Category:
-
Target version:
-
Start date:
09/04/2010
Due date:
% Done:

0%

Estimated time:
Affected Version:
Affected Architecture:

Description

I am new to pfSense, but i must say I like it, so It might be a newbe error :)

When I try to start and setup the IPSec for mobile clients i get the following error:

The following input errors were detected:
The field 'Certificate Authority' is required.

History

#1 Updated by Jim Pingle over 9 years ago

  • Status changed from New to Rejected

It works fine if you select a method that does not require a certificate. It also works fine if you select RSA mode and choose a CA and Certificate.

If you use a method that requires a certificate, you must also have a certificate authority created/imported/chosen as well as the certificate itself.

Please use the forum, mailing lists, or IRC for support issues.

#2 Updated by Roop Singh over 9 years ago

Build Sat Sep 4 11:27:25 EDT 2010

vpn_ipsec_phase1.php
140 $method = $pconfig['authentication_method'];
141 // Only require PSK here for normal PSK tunnels (not mobile) or xauth.
142 if ((($method "pre_shared_key") && (!$pconfig['mobile']))||($method "xauth_psk_server")) {
143 $reqdfields = explode(" ", "pskey");
144 $reqdfieldsn = array(gettext("Pre-Shared Key"));
145 } else {
146 $reqdfields = explode(" ", "caref certref");
147 $reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));

Using PSK shouldn't prompt me for a CA but it does. I'm commenting out lines 146 and 147 just so I can create a phase 1 setting.

#3 Updated by Jim Pingle over 9 years ago

I have tried both a normal and mobile tunnel, and none of the PSK modes prompt me for a CA.

Again, please use the forum to gain additional feedback, not the ticket system.

#4 Updated by Roop Singh over 9 years ago

Very well, Rickard u here's my forum post:

http://forum.pfsense.org/index.php/topic,28064.0.html

Also available in: Atom PDF