Page MenuHomeVyOS Platform
Create Task
Maniphest T4167

DMVPN apply wrong param on the first configuration
Closed, ResolvedPublicBUG
Actions

Description

Following DMVPN docs https://docs.vyos.io/en/equuleus/configuration/vpn/dmvpn.html
It applies config from the default file https://github.com/vyos/vyos-opennhrp/blob/equuleus/etc/opennhrp.conf

vyos@VyOS-Central-Hub:~$ sudo swanctl -l
dmvpn-NHRPVPN-tun1: #1, CONNECTING, IKEv2, b64289e1a96d2fb7_i* 0000000000000000_r
  local  '%any' @ 198.51.100.2[500]
  remote '%any' @ 192.168.200.1[500]
  active:  IKE_VENDOR IKE_INIT IKE_NATD IKE_CERT_PRE IKE_AUTH IKE_CERT_POST IKE_CONFIG CHILD_CREATE IKE_AUTH_LIFETIME IKE_MOBIKE

It is the main reason why 192.168.200.1 appears and in logs and packets dump we can see

Jan 11 08:06:58 VyOS-Central-Hub charon: 12[IKE] <dmvpn-NHRPVPN-tun1|1> initiating IKE_SA dmvpn-NHRPVPN-tun1[1] to 192.168.200.1
Jan 11 08:06:58 VyOS-Central-Hub charon: 12[ENC] <dmvpn-NHRPVPN-tun1|1> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Jan 11 08:06:58 VyOS-Central-Hub charon: 12[NET] <dmvpn-NHRPVPN-tun1|1> sending packet: from 198.51.100.2[500] to 192.168.200.1[500] (380 bytes)
Jan 11 08:07:02 VyOS-Central-Hub charon: 11[IKE] <dmvpn-NHRPVPN-tun1|1> retransmit 1 of request with message ID 0
Jan 11 08:07:02 VyOS-Central-Hub charon: 11[NET] <dmvpn-NHRPVPN-tun1|1> sending packet: from 198.51.100.2[500] to 192.168.200.1[500] (380 bytes)
Jan 11 08:07:09 VyOS-Central-Hub charon: 05[IKE] <dmvpn-NHRPVPN-tun1|1> retransmit 2 of request with message ID 0
Jan 11 08:07:09 VyOS-Central-Hub charon: 05[NET] <dmvpn-NHRPVPN-tun1|1> sending packet: from 198.51.100.2[500] to 192.168.200.1[500] (380 bytes)
Jan 11 08:07:22 VyOS-Central-Hub charon: 09[IKE] <dmvpn-NHRPVPN-tun1|1> retransmit 3 of request with message ID 0
Jan 11 08:07:22 VyOS-Central-Hub charon: 09[NET] <dmvpn-NHRPVPN-tun1|1> sending packet: from 198.51.100.2[500] to 192.168.200.1[500] (380 bytes)
Jan 11 08:07:45 VyOS-Central-Hub charon: 15[IKE] <dmvpn-NHRPVPN-tun1|1> retransmit 4 of request with message ID 0
Jan 11 08:07:45 VyOS-Central-Hub charon: 15[NET] <dmvpn-NHRPVPN-tun1|1> sending packet: from 198.51.100.2[500] to 192.168.200.1[500] (380 bytes)

Propose to clean this file

Details

Difficulty level
Normal (likely a few hours)
Version
1.3.0
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Event Timeline

Unknown Object (User) created this task.Jan 11 2022, 8:08 AM
Unknown Object (User) changed the task status from Open to In progress.Jan 11 2022, 8:08 PM
Unknown Object (User) claimed this task.
Unknown Object (User) added a comment.Jan 11 2022, 8:27 PM

PR https://github.com/vyos/vyos-opennhrp/pull/3

Unknown Object (User) changed the task status from In progress to Needs testing.Jan 12 2022, 6:38 AM
Unknown Object (User) closed this task as Resolved.Jan 12 2022, 4:38 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Aug 29 2022, 12:15 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.