diff options
author | jim-p <jimp@pfsense.org> | 2010-08-13 13:05:25 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-08-13 13:57:43 -0400 |
commit | 29a3ac407fdeb6f8991c5e0798c651ff560d708d (patch) | |
tree | 3c389513f65eaaea1f2edf28aed7e695a51395a9 /etc | |
parent | 0ac1dafd6f10171941ec1c5d9ac33268d655aef2 (diff) | |
download | pfsense-29a3ac407fdeb6f8991c5e0798c651ff560d708d.zip pfsense-29a3ac407fdeb6f8991c5e0798c651ff560d708d.tar.gz |
Honor a phase 1 proposal_check if one is set, otherwise use the default.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/vpn.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 6efec52..824a374 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -474,14 +474,14 @@ function vpn_ipsec_configure($ipchg = false) $init = "on"; $genp = "off"; - $pcheck = "claim"; + $pcheck = empty($ph1ent['proposal_check']) ? $ph1ent['proposal_check'] : $pcheck = "claim"; $passive = ""; if (isset($ph1ent['mobile'])) { $rgip = "anonymous"; /* Mimic 1.2.3's behavior for pure-psk mobile tunnels */ if ($ph1ent['authentication_method'] == "pre_shared_key") { $passive = "passive on;"; - $pcheck = "obey"; + $pcheck = empty($ph1ent['proposal_check']) ? $ph1ent['proposal_check'] : $pcheck = "obey"; $genp = "on"; } else { $init = "off"; |