Remove SPD when disable phase2, it fixes #2719

author: Renato Botelho <garga@FreeBSD.org> 2013-09-03 15:13:10 -0300
committer: Renato Botelho <garga@FreeBSD.org> 2013-09-03 15:19:06 -0300
commit: 3cb55704924734aa19de58349198ca99d15e00ea (patch)
tree: a74c2c7f4cfe04f788b61f14e27f5ccab05d520d /etc/inc/vpn.inc
parent: f70df069b3d7b1b629b2655c9e29634090902065 (diff)
download: pfsense-3cb55704924734aa19de58349198ca99d15e00ea.zip
pfsense-3cb55704924734aa19de58349198ca99d15e00ea.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index bf9e611..62d997c 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -1905,7 +1905,7 @@ function reload_tunnel_spd_policy($phase1, $phase2, $old_phase1, $old_phase2) {
 		}
 	}
 	/* add new SPD policies to replace them */
-	if (!isset($phase1['disabled'])) {
+	if (!isset($phase1['disabled']) && !isset($phase2['disabled'])) {
 		$spdconf .= "spdadd {$family} {$local_subnet} " .
 			"{$remote_subnet} any -P out ipsec " .
 			"{$phase2['protocol']}/tunnel/{$ep}-" .
author	Renato Botelho <garga@FreeBSD.org>	2013-09-03 15:13:10 -0300
committer	Renato Botelho <garga@FreeBSD.org>	2013-09-03 15:19:06 -0300
commit	3cb55704924734aa19de58349198ca99d15e00ea (patch)
tree	a74c2c7f4cfe04f788b61f14e27f5ccab05d520d /etc/inc/vpn.inc
parent	f70df069b3d7b1b629b2655c9e29634090902065 (diff)
download	pfsense-3cb55704924734aa19de58349198ca99d15e00ea.zip pfsense-3cb55704924734aa19de58349198ca99d15e00ea.tar.gz