Search
Results (102)
- Bug #12398 (Feedback): "Expiration and Replacement" section is shown twice when editing a mobile IPsec phase 2 entry
- When editing a phase 2 entry for a mobile IPsec tunnel the "Expiration and Replacement" sect ... ng the internal mobile type flag on the P2.
- Feature #12397 (New): Distinguish between policy-based and route-based entries on IPsec status SPD tab
- The IPsec Status SPD tab at @status_ipsec_spd.php@ prints information from the securit ... .0/24[any] 10.8.0.0/24[any] any out ipsec esp/tunnel/198.51.100.14-198.51.100 ... 0.0.0/0[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/198.51.100.14-198.51.100 ... spid=138 seq=3 pid=38035 scope=ifnet ifname=ipsec29 refcnt=1 </pre> Note it has @ ... and also lists the specific VTI interface (@ipsec29@) Additionally, at some point the outpu ... being properly parsed. This output is from @ipsec_dump_spd()@, note that @reqid@ should just b ... ould happen is: * Fix @reqid@ parsing in @ipsec_dump_spd()@ * @ipsec_dump_spd()@ should parse and include data for @scope@ and (if present), @ifname@ * @status_ipsec_spd.php@ should include columns for @reqid@ ... ng to P2 edit but that may clutter the page
- Bug #12385 (Pull Request Review): deleteVIP() does not check 1:1 NAT and Outbound NAT rules
- It is possible to delete the Virtual IP that ... tional input checks needed see also #12356
- Bug #12356 (Pull Request Review): deleteVIP() does not check IPsec PH1
- It is possible to delete the Virtual IP that is used by IPsec PH1 see the result in the attached screenshot
- Bug #12350 (Confirmed): IPsec DH Group 32 incorrectly labelled
- In the settings UI for IKE Phase 1 and Phase ... g/projects/strongswan/wiki/IKEv2CipherSuites)
- Bug #12347 (New): IPsec widget treats Phase 1 in "connecting" state as connected
- The IPSec widget will show tunnels connected at P1 whe ... 1:15:22 EDT 2021 FreeBSD 12.2-STABLE </pre>
- Bug #12335 (New): IPsec DNS inefficiency
- Various aspects of configuring IPsec are inefficiently using DNS. There is a lot ... xample: At the end of @rc.bootup@, it calls @ipsec_configure()@ and then @filter_configure()@, but @ipsec_configure()@ already calls @filter_configure ... why it should be called both places. *Both* @ipsec_configure()@ and @filter_configure()@ end up trying to resolve all the remote FQDNs in IPsec so at the end of the boot process it's tryin ... t-term usage, for example, start a cache in @ipsec_configure()@ which shares it with the @filte ... exts. Additionally, look at all calls of @ipsec_get_phase1_dst()@ such as when configuring VTI interfaces, configuring IPsec, on @status_ipsec.php@, in the widget, etc -- We should do a D ... to wait on DNS to timeout over and over. @ipsec_get_phase1_dst()@ now calls @resolve_retry() ... planning than we have time for at the moment.
- Bug #12328 (Feedback): IPsec VTI interface remote endpoint is not resolved the correct way
- In @interface_ipsec_vti_configure()@, the remote end of an IPsec VTI interface is not resolved the correct way (e.g. The @b.b.b.b@ part of @ifconfig ipsecN tunnel a.a.a.a b.b.b.b@). The @remote-gateway@ value of the IPsec P1 is passed directly to @ifconfig@ which is ... ses but not with hostnames. Elsewhere in the IPsec code, @ipsec_get_phase1_dst()@ is used which runs hostnam ... or NG 6758). To me, I'm working on a fix.
- Bug #12315 (Feedback): IPsec tunnels using a gateway group do not get reloaded in some cases
- When @ipsec_force_reload($interface)@ is called, for exa ... the interface name passed to the function.
- Bug #12259 (New): Intel em NICs Suffering Performance Degradation on FreeBSD12
- Reference FreeBSD bug report here: https://b ... patched in newer kernel releases of FreeBSD.