Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPSec interface does not show under Interfaces or Firewall rules #1435

Closed
thomasnilsen opened this issue Feb 27, 2017 · 11 comments
Closed

IPSec interface does not show under Interfaces or Firewall rules #1435

thomasnilsen opened this issue Feb 27, 2017 · 11 comments

Comments

@thomasnilsen
Copy link

Hi,

I have just configured IPSec and it works very well (up to point where traffic is routed), but when I was going to setup firewall rules for it, it's not there.. I tried to "Assignments" under Interfaces and see if its waiting there, but no luck..

On my dashboard etc the IPSec shows in traffic graphs etc..

best regards
Thomas
@fichtner
Copy link
Member

Hi Thomas,

Which version? I think this was permanently fixed in 17.1.1:

https://github.com/opnsense/changelog/blob/master/doc/17.1/17.1.1#L36

Cheers,
Franco

@thomasnilsen
Copy link
Author

Hi @fichtner

17.1.2 (installed).

I started at 17.1 but did a update from that to 17.1.1 and then to 17.1.2 if that helps..

best regards
Thomas

@fichtner
Copy link
Member

Ok, saving the config in any dialog should fix this. If not we need to take a closer look...

@thomasnilsen
Copy link
Author

That does not do it.. Tried refreshing everything but no luck..

@fichtner
Copy link
Member

fichtner commented Feb 27, 2017
edited
Loading

One more in the forum: https://forum.opnsense.org/index.php?topic=4638.0

Maybe it's this: 318426c

Can you try to revert via:

# opnsense-patch 318426c

And save an unrelated page like e.g. System: Setting: General?

Thanks,
Franco

@mircsicz
Copy link

I'll check that after a few hours sleep...

@mircsicz
Copy link

THX Franco, after patching and saving something somewhere the IPsec interface was back in Firewall > Rules.

But the old problem remains the same, I can't connect to the dev's behind the IPsec. It even got worse, can't connect even with the rules on WAN enabled...

@fichtner
Copy link
Member

@mircsicz need to take a look at that config and why it's breaking the expected logic.. the IPsec pass rules could be gone for the moment: try to reapply the firewall rules with the tab and pass rule in place.

@mircsicz
Copy link

mircsicz commented Feb 28, 2017
edited
Loading

already done... ;-)

But no change :-/

I could see in the log that traffic is again being recognized on WAN instead of IPSEC... But the rules we created for that problem are in place!

@thomasnilsen
Copy link
Author

thomasnilsen commented Mar 1, 2017
edited
Loading

My IPSec rule tab has re-appeared, but it's still not shown under interfaces src/dst in rules etc. This happened when i created a site-to-site vpn with phase1 and phase2 entry..

I can now successfully hide/unhide the IPSec tab under firewalls by enable/disable Phase1/Phase2 on my site-to-site profile.. So I guess there is some broken logic on the part that decides when to show that tab based on that..

@AdSchellevis
Copy link
Member

timeout due to inactivity

@Nornode Nornode mentioned this issue Jul 2, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fichtner @thomasnilsen @mircsicz @AdSchellevis