Bug #9243
closed
IPsec ID type keyid not explicitly set
Added by Christian Merges almost 6 years ago.
Updated almost 5 years ago.
Description
Identifier type is set to "Key ID tag" on both sides. Sonicwall says in log: "VPN Policy: Local ID type: KEY ID; Remote ID type: FQDN"
IKEv1 main mode PSK.
- Subject changed from IPSec Connection to SonicWall to IPsec ID type keyid not explicitly set
- Target version set to 2.5.0
In fixing #4811 (and #4792) the prefix was dropped from keyid identifiers, see d44e7dc081d01eb106cbc5d4871a88b683ee3b9e
It looks like the prefix needs to come back, at least as an option. Otherwise it puts the ID in as-is, and strongSwan appears to assume it's an FQDN based on context.
- Assignee set to Jim Pingle
- Status changed from New to Feedback
- % Done changed from 0 to 100
- Target version changed from 2.5.0 to 2.4.5
- Status changed from Feedback to Resolved
Keyid now has the appropriate prefix, and works as expected on 2.4.5.a.20191220.0501
rightid = "keyid:abc123"
Also available in: Atom
PDF
Updated by