Bug #874
closedCreating IPSec Phase1 failes in BETA4-20100904-0228
0%
Description
I am new to pfSense, but i must say I like it, so It might be a newbe error :)
When I try to start and setup the IPSec for mobile clients i get the following error:
The following input errors were detected:
The field 'Certificate Authority' is required.
Updated by Jim Pingle about 14 years ago
- Status changed from New to Rejected
It works fine if you select a method that does not require a certificate. It also works fine if you select RSA mode and choose a CA and Certificate.
If you use a method that requires a certificate, you must also have a certificate authority created/imported/chosen as well as the certificate itself.
Please use the forum, mailing lists, or IRC for support issues.
Updated by Roop Singh about 14 years ago
Build Sat Sep 4 11:27:25 EDT 2010
vpn_ipsec_phase1.php
140 $method = $pconfig['authentication_method'];
141 // Only require PSK here for normal PSK tunnels (not mobile) or xauth.
142 if ((($method "pre_shared_key") && (!$pconfig['mobile']))||($method "xauth_psk_server")) {
143 $reqdfields = explode(" ", "pskey");
144 $reqdfieldsn = array(gettext("Pre-Shared Key"));
145 } else {
146 $reqdfields = explode(" ", "caref certref");
147 $reqdfieldsn = array(gettext("Certificate Authority"),gettext("Certificate"));
Using PSK shouldn't prompt me for a CA but it does. I'm commenting out lines 146 and 147 just so I can create a phase 1 setting.
Updated by Jim Pingle about 14 years ago
I have tried both a normal and mobile tunnel, and none of the PSK modes prompt me for a CA.
Again, please use the forum to gain additional feedback, not the ticket system.
Updated by Roop Singh about 14 years ago
Very well, Rickard u here's my forum post: