Bug #2857

VPN: left subnet equals to right subnet in IPsec configuration

Added by Davide Marini over 5 years ago. Updated over 4 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-ipsec
Target version:~FUTURE
Security class: Resolution:REJECTED
Affected version: NEEDINFO:Yes

Description

Actually NethServer don't support site to site IPsec VPNs, but if somebody create an account specifying a remote network this network is added in the ipsec.conf as left and right subnet.
Probably that configuration doesn't have to be added to ipsec.conf until nethserver will start support site to site IPsec vpn, after that the left and right subnets have to be different, of course.


Related issues

Related to NethServer 6 - Feature #3194: IPsec tunnels (net2net) web interface CLOSED

History

#1 Updated by Filippo Carletti over 5 years ago

  • Target version set to v6.5

#2 Updated by Giacomo Sanchietti over 5 years ago

  • Category set to nethserver-ipsec
  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#3 Updated by Giacomo Sanchietti about 5 years ago

  • NEEDINFO changed from No to Yes

Is this behavior causing any error? Or is it just cosmetic?

#4 Updated by Davide Marini about 5 years ago

In a host to net configuration probably it doesn't cause problems, but probably is not the correct configuration.

In a "site to site" configuration (still not supported by web interface) this behavior should be a bug because remote and local network (left and right subnets) have to be different.
Trying to make an IPsec manually (e.g. from console) would be more difficult.

In any case it doesn't seem to be a correct configuration.

#5 Updated by Giacomo Sanchietti about 5 years ago

  • Target version changed from v6.5 to ~FUTURE

#6 Updated by Giacomo Sanchietti over 4 years ago

  • Status changed from TRIAGED to CLOSED
  • % Done changed from 20 to 100
  • Resolution set to REJECTED

New implementation isn't affected by this issue. See #3194

#7 Updated by Giacomo Sanchietti over 4 years ago

  • Related to Feature #3194: IPsec tunnels (net2net) web interface added

Also available in: Atom PDF