IPsec VPN Status Overview empty

Started by marijn, November 30, 2017, 08:56:41 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 30, 2017, 08:56:41 PM Last Edit: November 30, 2017, 09:07:18 PM by marijn
Hi All,

I'm facing the following error:

The "VPN: IPsec: Status Overview" page is completely empty, I have 7 VPN tunnels whit around 60 phase 2 entries. All VPN tunnels are working correctly.

I did of course already some research trying to solve it and I found this 'old' bug on GitHub:

https://github.com/opnsense/core/issues/634

This bug should be solved in version 16.1.9, I'm running 17.7.8 (latest version and I'm running on officially supported hardware). When I manually try to execute the following script I get this output:

Code Select


root@opnsense:~ # /usr/local/opnsense/scripts/ipsec/list_status.py
Traceback (most recent call last):
  File "/usr/local/opnsense/scripts/ipsec/list_status.py", line 83, in <module>
    for sas in s.list_sas():
  File "/usr/local/opnsense/scripts/ipsec/vici/session.py", line 334, in streamed_request
    self._register_unregister(event_stream_type, False);
  File "/usr/local/opnsense/scripts/ipsec/vici/session.py", line 250, in _register_unregister
    confirm=Packet.EVENT_CONFIRM,
vici.exception.SessionException: Unexpected response type 112, expected '5' (EVENT_CONFIRM)


Restarting the "Strongswan" service doesn't solve the problem, and I can reproduce the problem on multiple devices, so it doesn't seem to be limited to 1 installation.

Is this still a bug in "Strongswan" or "just" a small GUI issue?


Thanks,


Marijn
December 02, 2017, 03:58:17 PM #1
Hi marjin,

Can you please push this to GitHub as an issue as it looks like the VICI reader can't handle the newer strongSwan output and we'll have to investigate.

https://github.com/opnsense/core/issues


Cheers,
Franco
Print
Go Up Pages1
User actions