OPNsense crash by opening GUI trough IPsec

[rolibert]

I upgraded to version 23.7.1_3 and it runs good.....but perhaps, I found a bug

If I have fix IPsec connections between fix destinations and I trie to call the foreign OPNsense (via GUI/Browser), then the foreign OPNsense crash.

As example, one side has range 192.168.111.0/24 and the other side has 192.168.222.0/24. These two ranges are connected via IPsec in OPNsense. If I am at the side with 192.168.111.0 and I trie to configure OPNsense (via GUI/Browser) in range 192.168.222.0, then crash the OPNsense in range 192.168.222.0. And vice versa.

If I am in the range 192.168.111.0 (or anywhere) and I use OpenVPN to the range 192.168.222.0 to open GUI/Browser in OPNsense, then it runs properly.

If I use SSH, then I've never problems.

Befor I changed to 23.7, it worked fine.... So I think, that could be a bug

[franco]

The issue was identified and fixed in the kernel a few days ago. A prerelease is here:

# opnsense-update -kr 23.7.1-ipsec
# opnsense-shell reboot

(needs a restart obviously)


Cheers,
Franco

[danderson]

Franco,

opnsense-update -kr 23.7.1-ipsec
Fetching kernel-23.7.1-ipsec-amd64.txz: ..[fetch: https://pkg.opnsense.org/FreeBSD:13:amd64/23.7/sets/kernel-23.7.1-ipsec-amd64.txz.sig: Not Found] failed, no signature found

The issue was identified and fixed in the kernel a few days ago. A prerelease is here:

# opnsense-update -kr 23.7.1-ipsec
# opnsense-shell reboot

(needs a restart obviously)


Cheers,
Franco

[franco]

Sorry, typo.

# opnsense-update -zkr 23.7.1-ipsec


Cheers,
Franco

[danderson]

Been running this kernel for a few hours and dont see any issues, didnt have the exact issue as explained above, but I can access GUI of remote opnsense box at the end of an ipsec vti tunnel.

Sorry, typo.

# opnsense-update -zkr 23.7.1-ipsec


Cheers,
Franco