On Fri, Sep 26, 2008 at 11:14 AM, Paul Mansfield <[EMAIL PROTECTED]> wrote: > Rob Terhaar wrote: >> I know that the rule label too long bug has been around in varying >> 500 keep state label "IPSEC: RDI ->2nd lan - outbound isakmp" > > try taking out the '>', I have been bitten by a bug with it not quoting > XML reserved chars before >
All reserved characters have been properly quoted for a while now. > 289: pass out quick on $wan proto udp from any to xx.xx.xx.52 port = > 500 keep state label "IPSEC: RDI ->2nd lan - outbound isakmp" > This wasn't the line that actually caused problems I presume, this isn't long enough. That exact rule loads fine. There was a missing check that generates rules with too long of a description for IPsec connections with descriptions over 28 characters that I just fixed. I guess you're the first to write an essay naming your IPsec connections. :) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
