ClearFoundation Tracker - ClearCenter
View Issue Details
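ID: 0001580
Project: ClearCenter
Category: app-dynamic-vpn - Dynamic VPN
View Status: public
Date Submitted: 2014-02-20 08:23
Last Update: 2014-02-26 09:57
Reporter: bchambers
Assigned To: bchambers
Priority: normal
Severity: minor
Reproducibility: sometimes
Status: closed
Resolution: fixed
Product Version: 6.5.0
Target Version: 6.5.0 Updates
Fixed in Version: 6.5.0 Updates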
0001580: Add sanity check to webconfig page to ensure vpnwatchd service is running
Logged into a box today where a tunnel had been configured. IPsec running, but tunnel was 'stuck' at 'initializing'.

[root@xxx log]# service vpnwatchd status
vpnwatchd is stopped

Log files show it was running 15 hrs prior, but no reason why it wasn't running.

system:Feb 19 17:16:29 xxx vpnwatchd: info: system - LAN interface set to eth1
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - WAN interface set to eth0
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - sending IP info to SDN
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - using LAN IP 192.168.1.1
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - reloading connection list
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - no managed connections defined
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - configuring intrusion prevention auto-whitelist
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - updating intrusion prevention whitelist
system:Feb 19 17:16:29 xxx vpnwatchd: info: system - reloading intrusion prevention system
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - started
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - interval set to 60 seconds
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - debug set to 0
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - syslog set to local6
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - aggressive mode set to 0
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - SDN cluster added, https://sdn1.clearsdn.com/4.08
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - SDN cluster added, https://sdn2.clearsdn.com/4.08
system:Feb 20 10:14:11 xxx vpnwatchd: info: system - SDN cluster added, https://sdn3.clearsdn.com/4.08
No tags attached.
Related to: 0001584 (closed, bchambers) Vpnwatch dies if rsyslog is not running
Issue History
2014-02-20 08:23 | bchambers | New Issue
2014-02-20 08:51 | bchambers | Note Added: 0001151
2014-02-20 13:09 | bchambers | Note Added: 0001152
2014-02-20 13:09 | bchambers | Note Added: 0001153
2014-02-21 08:56 | bchambers | Assigned To | => bchambers
2014-02-21 08:56 | bchambers | Status | new => acknowledged
2014-02-21 08:56 | bchambers | Status | acknowledged => confirmed
2014-02-21 14:01 | bchambers | Status | confirmed => resolved
2014-02-21 14:01 | bchambers | Fixed in Version | => 6.5.0 Updates
2014-02-21 14:01 | bchambers | Resolution | open => fixed
2014-02-21 14:02 | bchambers | Status | resolved => closed
2014-02-26 09:57 | user2 | Issue cloned: 0001584
2014-02-26 09:57 | user2 | Relationship added | related to 0001584

Notes
(0001151)
bchambers   
2014-02-20 08:51   
Bad info...IPsec was *not* running.

Dynamic VPN should have a sanity check to see if IPSec is running. The RHS widget monitors vpnwatchd...but if you don't install IPsec, you have no idea if it is running or how to start it if it is not running.
(0001152)
bchambers   
2014-02-20 13:09   
Duplicated after a fresh install, vpnwatchd does not start if rsyslog has died.

[root@devel log]# service vpnwatchd start
Starting vpnwatch: no connection to syslog available
    - /dev/log is not a socket at /usr/sbin/vpnwatchd line 339
                                                           [FAILED]
(0001153)
bchambers   
2014-02-20 13:09   
Sanity check should attempt to restart rsyslog then start vpnwatchd
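
The sanity check proposed in these notes, sketched as a shell script (an added example, not ClearOS or webconfig code): it restarts rsyslog when /dev/log is not a socket, reports when IPsec is down, then starts vpnwatchd. The `ipsec` service name, the return codes and the `SERVICE_CMD` / `LOG_SOCKET` overrides are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not ClearOS code. Assumes SysV `service NAME status|start|restart`
# as in the transcripts above; the "ipsec" service name is an assumption.
SERVICE_CMD="${SERVICE_CMD:-service}"    # overridable so the logic can be tested
LOG_SOCKET="${LOG_SOCKET:-/dev/log}"     # socket vpnwatchd needs for syslog
IPSEC_SERVICE="${IPSEC_SERVICE:-ipsec}"  # assumed service name

# True when the syslog socket exists and really is a socket.
syslog_ready() { [ -S "$LOG_SOCKET" ]; }

# True when the init script reports the service as running.
is_running() { "$SERVICE_CMD" "$1" status >/dev/null 2>&1; }

# Restart rsyslog if its socket is missing, then re-check the socket
# instead of trusting the restart's exit code.
ensure_syslog() {
    syslog_ready && return 0
    echo "sanity: $LOG_SOCKET is not a socket, restarting rsyslog" >&2
    "$SERVICE_CMD" rsyslog restart >/dev/null 2>&1 || true
    syslog_ready
}

# Start vpnwatchd if it is stopped, then confirm it is actually up.
ensure_vpnwatchd() {
    is_running vpnwatchd && return 0
    echo "sanity: vpnwatchd is stopped, starting it" >&2
    "$SERVICE_CMD" vpnwatchd start >/dev/null 2>&1 || true
    is_running vpnwatchd
}

# Returns 0 = healthy, 1 = syslog unavailable, 2 = IPsec not running,
# 3 = vpnwatchd could not be started.
vpn_sanity_check() {
    ensure_syslog || return 1
    if ! is_running "$IPSEC_SERVICE"; then
        echo "sanity: $IPSEC_SERVICE is not running" >&2
        return 2
    fi
    ensure_vpnwatchd || return 3
    return 0
}

# Run the check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--check" ]; then
    vpn_sanity_check
    exit $?
fi
```

Syslog is handled first because, as note 0001152 shows, vpnwatchd refuses to start without it.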