Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove hmac-md5-96 authentication from IPSec VPN policy #3515

Closed
yussufsh opened this issue Jan 24, 2022 · 0 comments · Fixed by #3516
Closed

Remove hmac-md5-96 authentication from IPSec VPN policy #3515

yussufsh opened this issue Jan 24, 2022 · 0 comments · Fixed by #3516
Assignees
@ChaseRun
Labels
service/Power Systems Issues related to Power Systems

Comments

@yussufsh
Copy link
Collaborator

yussufsh commented Jan 24, 2022
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform IBM Provider Version

Affected Resource(s)

  • ibm_pi_ipsec_policy

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

	resource "ibm_pi_ipsec_policy" "policy" {
		pi_cloud_instance_id = "%s"
		pi_policy_name = "%s"
		pi_policy_dh_group = 1
		pi_policy_encryption = "3des-cbc"
		pi_policy_key_lifetime = 180
		pi_policy_pfs = true
		pi_policy_authentication = "hmac-md5-96"
	}

Debug Output

Note this is the error message taken from the staging environment.

Error: failed to perform Create VPN Policy Operation for cloud instance 6021a723-.......................64f35 with error [POST /pcloud/v1/cloud-instances/{cloud_instance_id}/vpn/ipsec-policies][422] pcloudIpsecpoliciesPostUnprocessableEntity  &{Code:606 Description: Error: Message:authentication in body should be one of [hmac-sha-256-128 hmac-sha1-96 none]}

Panic Output

Expected Behavior

hmac-md5-96 value should not be allowed for authentication.

Actual Behavior

Steps to Reproduce

  1. terraform apply

Important Factoids

References

  • #0000
@github-actions github-actions bot added the service/Power Systems Issues related to Power Systems label Jan 24, 2022
yussufsh added a commit to yussufsh/terraform-provider-ibm that referenced this issue Jan 24, 2022
@yussufsh
fix: Remove hmac-md5-96 authentication from IPSec VPN policy
34d79e7 
Signed-off-by: Yussuf Shaikh <yussuf.shaikh@ibm.com>

Fixes IBM-Cloud#3515
yussufsh added a commit to yussufsh/terraform-provider-ibm that referenced this issue Jan 24, 2022
@yussufsh
fix: Remove hmac-md5-96 authentication from IPSec VPN policy
902f185 
Signed-off-by: Yussuf Shaikh <yussuf.shaikh@ibm.com>

Fixes IBM-Cloud#3515
@yussufsh yussufsh mentioned this issue Jan 24, 2022
Merged
@ChaseRun ChaseRun self-assigned this Jan 25, 2022
hkantare pushed a commit that referenced this issue Jan 27, 2022
@yussufsh @hkantare
fix: Remove hmac-md5-96 authentication from IPSec VPN policy
dd862c7 
Signed-off-by: Yussuf Shaikh <yussuf.shaikh@ibm.com>

Fixes #3515
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ChaseRun ChaseRun

Labels
service/Power Systems Issues related to Power Systems
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Remove hmac-md5-96 authentication from IPSec VPN policy yussufsh/terraform-provider-ibm
2 participants
@yussufsh @ChaseRun