OPNsense Forum
Archive => 20.1 Legacy Series => Topic started by: bitmusician on February 06, 2020, 01:18:25 pm
-
Hello,
what I'm writing now is not only an issue in version 20.1 but it got "worse" with the update.
Every time we change the IPsec tunnel configuration over the WebGUI, the configuration change is only written in the /conf/conf.xml on the Backup-Host but not in the /usr/local/etc/ipsec.conf. On the WebGUI of the Backup host it looks like the changes have been made but after comparing the files of both Master and Backup with the command "md5 /usr/local/etc/ipsec.conf" you can see that the changes didn't affect on the Backup Host.
So before 20.1 we had to make some kind of "dummy-change" on the Backup-Host that means to simply open one of the tunnel configurations, save and apply again. This was the solution until now because now you have to additionally perform a HA-Sync BEFORE the dummy-change.
Is there any planned change about this in further versions? I mean it's ok when you know what to do but it would be great if a normal HA-Sync would synchronize the IPsec configuration too! ;D
Thanks,
Bitmusician