From e7356fa395e9dcf39de280702beeffcd9cfa11e3 Mon Sep 17 00:00:00 2001
From: FloMeyer <flo@flomeyer.de>
Date: Thu, 17 Feb 2022 20:06:08 +0100
Subject: [PATCH] VPN / IPsec - pass protocol when resolving via
 ipsec_resolve() (#5360)

closes https://github.com/opnsense/core/issues/5359
---
 src/etc/inc/plugins.inc.d/ipsec.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc
index 334745170..c9a4f0938 100644
--- a/src/etc/inc/plugins.inc.d/ipsec.inc
+++ b/src/etc/inc/plugins.inc.d/ipsec.inc
@@ -864,7 +864,7 @@ function ipsec_configure_spd()
             foreach ($config['ipsec']['phase2'] as $ph2ent) {
                 if (!isset($ph2ent['disabled']) && $ph1ent['ikeid'] == $ph2ent['ikeid'] && !empty($ph2ent['spd'])) {
                     $tunnel_src = ipsec_get_phase1_src($ph1ent);
-                    $tunnel_dst = ipsec_resolve($ph1ent['remote-gateway']);
+                    $tunnel_dst = ipsec_resolve($ph1ent['remote-gateway'], $ph1ent['protocol']);
 
                     // XXX: remove me, temporary logging to validate https://github.com/opnsense/core/issues/1773
                     $peerid_spec = ipsec_find_id($ph1ent, "peer");