General

Profile

Kev Kitchens

  • Login: kevvok
  • Registered on: 10/25/2017
  • Last connection: 01/07/2024

Issues

open closed Total
Assigned issues 0 0 0
Reported issues 2 5 7

Activity

08/31/2023

06:35 PM pfSense Regression #14736 (Resolved): Unable to select PFS Group for individual Phase 2 configurations if Mobile Client global override is not selected
In the currently nightly snapshot, I'm unable to select a PFS group for an individual Phase 2 configuration unless th... Kev Kitchens

01/25/2023

12:56 AM pfSense Feature #13902 (New): Add configuration option to IPsec VPN section to allow strongSwan to use RSA-PSS signatures
When an IKEv2 client indicates support for RFC 7427 digital signature authentication to a strongSwan server configure... Kev Kitchens

09/24/2022

05:45 PM pfSense Bug #13504: Router Advertisements sent from wrong source address
I was able to solve this by manually editing radvd.conf to add this block to the interface config:... Kev Kitchens

09/20/2022

10:17 AM pfSense Bug #13504: Router Advertisements sent from wrong source address
Actually, have to correct myself, it is answering neighbor solicitations for the EUI-64 address, but the responses ar... Kev Kitchens
10:13 AM pfSense Bug #13504 (New): Router Advertisements sent from wrong source address
While most services using the LAN interface's link local address are binding to fe80::1:1 as expected, radvd seems to... Kev Kitchens

11/05/2021

01:29 PM pfSense Bug #12505: NAT issues with IPsec passthrough
Understandable that this is a limitation of pf, and I appreciate the info on using a floating rule to prevent the lea... Kev Kitchens
12:35 PM pfSense Bug #12505 (Not a Bug): NAT issues with IPsec passthrough
I've noticed some issues with the automatic IPsec passthrough rules generated when the outbound NAT is set to automat... Kev Kitchens

10/22/2021

08:42 PM pfSense Docs Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
Thanks for taking this up Jim!
> Originally that was recommended as it would result in the highest performance on ...
Kev Kitchens

10/21/2021

05:15 PM pfSense Docs Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
For some further justification, the NIST Guide to IPsec VPNs (SP 800-77) does not list AES-XCBC as an approved PRF al... Kev Kitchens

10/18/2021

06:40 PM pfSense Docs Correction #12471 (Closed): AES-XCBC should not be recommended as PRF for IPsec
The IPsec Configuration (https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html) and VPN Scaling (https:... Kev Kitchens

Also available in: Atom