Actions
Bug #9243
closedIPsec ID type keyid not explicitly set
Start date:
01/01/2019
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4_1
Affected Architecture:
Description
Identifier type is set to "Key ID tag" on both sides. Sonicwall says in log: "VPN Policy: Local ID type: KEY ID; Remote ID type: FQDN"
IKEv1 main mode PSK.
Updated by Jim Pingle over 5 years ago
- Subject changed from IPSec Connection to SonicWall to IPsec ID type keyid not explicitly set
- Target version set to 2.5.0
In fixing #4811 (and #4792) the prefix was dropped from keyid identifiers, see d44e7dc081d01eb106cbc5d4871a88b683ee3b9e
It looks like the prefix needs to come back, at least as an option. Otherwise it puts the ID in as-is, and strongSwan appears to assume it's an FQDN based on context.
Updated by Jim Pingle over 5 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 3a73fc74ca54b1167fbecfb679d0e634f5f1ab2e.
Updated by Jim Pingle about 5 years ago
- Target version changed from 2.5.0 to 2.4.5
Updated by Jim Pingle about 5 years ago
- Status changed from Feedback to Resolved
Keyid now has the appropriate prefix, and works as expected on 2.4.5.a.20191220.0501
rightid = "keyid:abc123"
Actions