summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris Buechler <cmb@pfsense.org>2015-07-22 15:08:58 -0500
committerChris Buechler <cmb@pfsense.org>2015-07-22 15:08:58 -0500
commit699e20745b22e5a9e663ebd5acdcd94e01d0a466 (patch)
tree9f193fcc6abdba9e96e4f797b4e43ef49adf4bbd
parentdf4de32d3403e58a45f0e66fccdf67f33e8cde91 (diff)
downloadpfsense-699e20745b22e5a9e663ebd5acdcd94e01d0a466.zip
pfsense-699e20745b22e5a9e663ebd5acdcd94e01d0a466.tar.gz
make the IPsec bypass LAN from LAN subnet to LAN subnet rather than from
LAN subnet to LAN IP. Same end result except it'll work for VIPs on same interface now.
-rw-r--r--etc/inc/vpn.inc2
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 688e9ca..8e73927 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -727,7 +727,7 @@ EOD;
$ipsecconf .= <<<EOD
conn bypasslan
- leftsubnet = {$lanip}/32
+ leftsubnet = {$lansa}/{$lansn}
rightsubnet = {$lansa}/{$lansn}
authby = never
type = passthrough
OpenPOWER on IntegriCloud