Search
Results (101)
- Bug #12747 (New): System log is filled by sshguard
- sshguard has to restart when he logs are rota ... ed? For example on a test system where an IPSec tunnel is configured but never connects the ipsec log rotates frequently resulting in a system ... og file size reducing the rotation frequency.
- Bug #12715 (New): Long system startup time when LDAP is configured and unavailable during startup.
- # Currently if LDAP is unavailable at system ... e if LDAP connectivity relies on a VPN (e.g. IPsec, WireGuard, etc.), FRR for dynamic routes, e ... d to https://redmine.pfsense.org/issues/11644
- Feature #12625 (New): Granular logging options for default firewall rules.
- Allow the user to control which default firew ... from the firewall host itself and decrypted IPsec traffic</pre> * Anti-lockout <pre># make s ... ss to DHCPv6 server on {$oc['descr']}</pre>
- Regression #12549 (New): Per-user Mobile IPsec settings are not applied to connecting mobile clients
- Not sure when this regressed but it looks lik ... ossible that it changed with swanctl.conf vs ipsec.conf changes. The order right now is "con ... Second related problem is that in the place @ipsec_setup_userpools()@ gets run, it attempts to ... erging it yet until more testing can be done.
- Bug #12508 (New): DHCP Relay over VPN
- Currently, DHCP Relay does not work with OpenVPN TAP nor IPsec VTI. Since the VTI doesn't have a MAC, th ... vmx1. # DHCP Discover unicast is sent over IPsec with the VTI IP as source IP (determined by ... uestionable if this can be made to work over IPsec VTI, this worked previously with OpenVPN TAP ... https://github.com/pfsense/pfsense/pull/1406
- Feature #12473 (New): Allow user adjustment of IPsec Keep Alive periodic checks
- Let the user adjust the keepalive check time ... could be lowered once #12184 is implemented.
- Bug #12335 (New): IPsec DNS inefficiency
- Various aspects of configuring IPsec are inefficiently using DNS. There is a lot ... xample: At the end of @rc.bootup@, it calls @ipsec_configure()@ and then @filter_configure()@, but @ipsec_configure()@ already calls @filter_configure ... why it should be called both places. *Both* @ipsec_configure()@ and @filter_configure()@ end up trying to resolve all the remote FQDNs in IPsec so at the end of the boot process it's tryin ... t-term usage, for example, start a cache in @ipsec_configure()@ which shares it with the @filte ... exts. Additionally, look at all calls of @ipsec_get_phase1_dst()@ such as when configuring VTI interfaces, configuring IPsec, on @status_ipsec.php@, in the widget, etc -- We should do a D ... to wait on DNS to timeout over and over. @ipsec_get_phase1_dst()@ now calls @resolve_retry() ... planning than we have time for at the moment.
- Bug #12095 (New): Memory leak in pcscd
- The PCSC daemon looks to have a memory leak even when it's not in use. Or even when there are no IPSec tunnels defined which might be tied to it. ... s resets the memory use to ~4MB. If you have IPSec tunnels defined which doing that the IPSec service will also need to be stopped and the ... Tested: CE 2.5.1, Plus 21.05 and 21.09.
- Todo #12025 (New): Add 1:1 Validation to Notify Someone They are 1:1 NAT'ing an Interface Address
- Although it is VERY rarely necessary, we shou ... nded due to connectivity issues for dpinger, IPSec, etc. that may occur. Often we see users 1: ... ateway monitoring to fail on that interface).
- Bug #11761 (New): L2TP/IPsec VPN : PPP LCP negotiation occurs before user authentication
- We are using pfSense to provide a l2tp/ipsec VPN connectivity to our users. Users are us ... .x.x charon: 09[IKE] <8> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Mar 31 11:26:37 x. ... .x.x charon: 05[IKE] <9> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID Mar 31 11:33:21 x. ... more than 20 seconds to submit credentials.