summaryrefslogtreecommitdiffstats
path: root/etc/inc/vpn.inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/inc/vpn.inc')
-rw-r--r--etc/inc/vpn.inc4
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 62d997c..3a75c96 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -308,6 +308,7 @@ function vpn_ipsec_configure($ipchg = false)
/* begin racoon.conf */
$racoonconf = "";
+ $peerid_verify = "";
if ((is_array($a_phase1) && count($a_phase1)) || (is_array($a_phase2) && count($a_phase2))) {
$racoonconf .= "# This file is automatically generated. Do not edit\n";
@@ -607,6 +608,8 @@ function vpn_ipsec_configure($ipchg = false)
/* Only specify peer ID if we are not dealing with a mobile PSK-only tunnel */
if (!(($ph1ent['authentication_method'] == "pre_shared_key") && isset($ph1ent['mobile']))) {
$peerid_spec = "peers_identifier {$peerid_type} {$peerid_data};";
+ if (isset($ph1ent['verify_identifier']))
+ $peerid_verify = "verify_identifier on;";
}
/* add remote section to configuration */
@@ -619,6 +622,7 @@ remote {$rgip}
exchange_mode {$ph1ent['mode']};
my_identifier {$myid_type} {$myid_data};
{$peerid_spec}
+ {$peerid_verify}
ike_frag on;
generate_policy = {$genp};
initial_contact = {$init};
OpenPOWER on IntegriCloud