From 15fbd36792b55eb624fb3ada246d32cf4165e552 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Thu, 23 Feb 2023 09:40:51 +0100
Subject: [PATCH] VPN/IPsec - reqid shouldn't be provided on mobile sessions.
 closes https://github.com/opnsense/core/issues/6352

(same as https://github.com/opnsense/core/commit/9be878390a762f8d23c09789ef34696f53b0ab3e but only for isolated mode)
---
 src/etc/inc/plugins.inc.d/ipsec.inc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc
index 2ee571d50..25f2f22db 100644
--- a/src/etc/inc/plugins.inc.d/ipsec.inc
+++ b/src/etc/inc/plugins.inc.d/ipsec.inc
@@ -1528,7 +1528,9 @@ function ipsec_configure_do($verbose = false, $interface = '')
                     $this_conn['children'][$child_id] = $base_child_conf;
                     $this_conn['children'][$child_id]['local_ts'] = $parsed_phase2['local_ts'][$idx];
                     $this_conn['children'][$child_id]['remote_ts'] = $parsed_phase2['remote_ts'][$idx];
-                    $this_conn['children'][$child_id]['reqid'] = $parsed_phase2['reqids'][$idx];
+                    if (!isset($ph1ent['mobile'])) {
+                        $this_conn['children'][$child_id]['reqid'] = $parsed_phase2['reqids'][$idx];
+                    }
                     foreach (['esp_proposals', 'ah_proposals', 'life_time', 'rekey_time', 'rand_time'] as $fieldname) {
                         if (isset($parsed_phase2[$fieldname][$idx]) && $parsed_phase2[$fieldname][$idx] != null) {
                             if (is_array($parsed_phase2[$fieldname][$idx])) {