Bug #12315
Updated by Jim Pingle about 3 years ago
When @ipsec_force_reload($interface)@ `ipsec_force_reload($interface)` is called, for example by @/etc/rc.newwanip@, it only looks for tunnels which specifically match the given interface name. If a tunnel has a gateway group assigned as its interface, the tunnel does not get reloaded when it should as it does not match the interface name directly. The function should also check if the Phase 1 source for a tunnel (either an interface, a VIP, or a gateway group) matches an address on the interface name passed to the function.