Bug #9839
closedHow to clean disable IPsec VTI Tunnel
0%
Description
I found the exact same question in issue #8691, but with a different purpose.
I have setup some VTI Site to Site tunnels. Each "tunnel" interface has it's rules in IPsec and it's gateway is used in static routes.
But now, I cant find a clean way to just disable such a tunnel. In the GUI trying to disable either phase 1 or 2 fails due the assigned interface.
But I want to keep the interface due it's used in the configuration anywhere.
As a workaround, I just disabled the interface, which has kind of the effect, that no traffic is routed. But the tunnel keeps open.
Nasty side effect with this workaround is, that you cant use the interface in the configuration (i.e. rules). Existing rules don't get lost, but you cant use it to edit or create rules.
Shouldn't it be somehow possible to shutdown the tunnel, for whatever reason, in a clean way without having to drop all configurations or make it impossible to change any related configuration?
Updated by Jim Pingle about 5 years ago
- Status changed from New to Not a Bug
That is a support question, and this site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the Netgate Forum or the pfSense Subreddit .
See Reporting Issues with pfSense Software for more information.
Updated by Thomas Spalinger about 5 years ago
I would agree, and sorry to make the title look like a question.
But the description states, that this is more like a missing feature or bug.