------------------------------------------------------------------------
r741 | mgrooms | 2010-10-01 17:04:50 +0000 (Fri, 01 Oct 2010) | 2 lines
Correct an issue with the VPN Access Manager related to pcf import. When
a non encrypted password is present, don't try to hex-decode it. Just
import it as plain text.
------------------------------------------------------------------------
r738 | mgrooms | 2010-09-26 22:23:41 +0000 (Sun, 26 Sep 2010) | 2 lines
Make sure we don't try to set the initial flag to true on a non-ipsec
policy. Wait for the first ipsec policy instead. Thanks to Michael Kenny
for diagnosing this issue and submitting the patch.
------------------------------------------------------------------------
r733 | mgrooms | 2010-09-26 21:50:58 +0000 (Sun, 26 Sep 2010) | 2 lines
Correct an issue in ikea with the dialog updates after loading the
phase1 and phase2 options. Make sure we call the update functions at the
end of the load process.
------------------------------------------------------------------------
r732 | mgrooms | 2010-09-26 21:38:10 +0000 (Sun, 26 Sep 2010) | 2 lines
Modify the location of dialog update helper routine calls in the site
configuration load member function. The must be called in the correct
order or problems will occur. Thanks to Michael Kenney for reporting
this issue.
------------------------------------------------------------------------
r730 | mgrooms | 2010-09-03 02:47:25 +0000 (Fri, 03 Sep 2010) | 2 lines
Correct a bug in the ikec program that caused an invalid filename to be
displayed when prompting the user for a password. Thanks to Michael
Kenny for submitting this patch.
------------------------------------------------------------------------
r727 | mgrooms | 2010-09-02 07:16:38 +0000 (Thu, 02 Sep 2010) | 1 line
Branch for 2.1.7 release.
------------------------------------------------------------------------
r726 | mgrooms | 2010-09-01 05:47:06 +0000 (Wed, 01 Sep 2010) | 1 line
Modify iked to only create a NONE policy for the next-hop address when
the vpn gateway is not on a network locally attached to the client. This
caused communication failures as the route was being installed as
0.0.0.0 -> next-hop which is obviously incorrect.
------------------------------------------------------------------------
r724 | mgrooms | 2010-08-21 18:47:10 +0000 (Sat, 21 Aug 2010) | 2 lines
Fix a bug with the shared policy level support. When a IPsec SA expires,
the peer may attempt to initiate a new phase2 negotation as a
replacement. This will cause negotiation to fail as the source ID will
always be 0.0.0.0/0 which won't match a policy. Correct this by only
matching policies the destination ID since the source ID will always be
generic.
------------------------------------------------------------------------