diff options
| author | jim-p <jim@pingle.org> | 2010-05-06 16:56:12 -0400 |
|---|---|---|
| committer | jim-p <jim@pingle.org> | 2010-05-06 16:56:12 -0400 |
| commit | bdf4ad85ec74fc7a73de0a8d62a2f016f7e8e605 (patch) | |
| tree | cbbeba6663286e6c9bd9ee00b87f1cfa727c61a5 /etc | |
| parent | d98f1fa9a88f6f3c434f20f835f6fd4a5717653f (diff) | |
| download | pfsense-bdf4ad85ec74fc7a73de0a8d62a2f016f7e8e605.zip pfsense-bdf4ad85ec74fc7a73de0a8d62a2f016f7e8e605.tar.gz | |
Set proposal check and passive as needed for this scenario also. Ticket #108
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/vpn.inc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 2270657..4f9f4e7 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -491,9 +491,13 @@ function vpn_ipsec_configure($ipchg = false) $init = "on"; $genp = "off"; + $pcheck = "claim"; + $passive = "" if (isset($ph1ent['mobile'])) { $rgip = "anonymous"; if ($ph1ent['authentication_method'] == "pre_shared_key") { + $passive = "passive on;"; + $pcheck = "obey"; $genp = "on"; } else { $init = "off"; @@ -585,7 +589,8 @@ remote {$rgip} {$dpdline1} {$dpdline2} support_proxy on; - proposal_check claim; + proposal_check {$pcheck}; + {$passive} proposal { |
