diff --git a/pfSense-pkg-API/files/etc/inc/api/framework/APIResponse.inc b/pfSense-pkg-API/files/etc/inc/api/framework/APIResponse.inc index acf58c450..b56faab90 100644 --- a/pfSense-pkg-API/files/etc/inc/api/framework/APIResponse.inc +++ b/pfSense-pkg-API/files/etc/inc/api/framework/APIResponse.inc @@ -1625,12 +1625,6 @@ function get($id, $data=[], $all=false) { "return" => $id, "message" => "IPsec remote gateway must be IPv6 address when protocol is set to 'inet6'" ], - 2169 => [ - "status" => "bad request", - "code" => 400, - "return" => $id, - "message" => "IPsec remote gateway cannot be a hostname unless protocol is set to 'both'" - ], 2170 => [ "status" => "bad request", "code" => 400, diff --git a/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Create.inc b/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Create.inc index 810ec4931..946534b4f 100644 --- a/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Create.inc +++ b/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Create.inc @@ -167,10 +167,6 @@ class APIServicesIPsecPhase1Create extends APIModel { elseif (is_ipaddrv4($this->initial_data["remote-gateway"]) and $this->validated_data["protocol"] === "inet6") { $this->errors[] = APIResponse\get(2168); } - # For domain name remote gateways, ensure the protocol is 'both' - elseif (is_fqdn($this->initial_data["remote-gateway"]) and $this->validated_data["protocol"] !== "both") { - $this->errors[] = APIResponse\get(2169); - } # Ensure remote gateway is not already in use elseif ($this->is_ipsec_remote_gateway_in_use($this->initial_data["remote-gateway"])) { $this->errors[] = APIResponse\get(2170); diff --git a/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Update.inc b/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Update.inc index ecc852812..43d2a60f4 100644 --- a/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Update.inc +++ b/pfSense-pkg-API/files/etc/inc/api/models/APIServicesIPsecPhase1Update.inc @@ -245,10 +245,6 @@ class APIServicesIPsecPhase1Update extends APIModel { elseif (is_ipaddrv4($this->initial_data["remote-gateway"]) and $this->validated_data["protocol"] === "inet6") { $this->errors[] = APIResponse\get(2168); } - # For domain name remote gateways, ensure the protocol is 'both' - elseif (is_fqdn($this->initial_data["remote-gateway"]) and $this->validated_data["protocol"] !== "both") { - $this->errors[] = APIResponse\get(2169); - } # Ensure remote gateway is not already in use elseif ($this->is_ipsec_remote_gateway_in_use($this->initial_data["remote-gateway"])) { $this->errors[] = APIResponse\get(2170); diff --git a/tests/test_api_v1_services_ipsec_phase1.py b/tests/test_api_v1_services_ipsec_phase1.py index 317048852..5432aa017 100644 --- a/tests/test_api_v1_services_ipsec_phase1.py +++ b/tests/test_api_v1_services_ipsec_phase1.py @@ -197,28 +197,6 @@ class APIE2ETestServicesIPsecPhase1(e2e_test_framework.APIE2ETest): "remote-gateway": "127.0.0.1" } }, - { - "name": "Check remote-gateway domain only when protocol is 'both' constraint (inet)", - "status": 400, - "return": 2169, - "req_data": { - "iketype": "ikev2", - "protocol": "inet", - "interface": "wan", - "remote-gateway": "example.com" - } - }, - { - "name": "Check remote-gateway domain only when protocol is 'both' constraint (inet6)", - "status": 400, - "return": 2169, - "req_data": { - "iketype": "ikev2", - "protocol": "inet6", - "interface": "wan", - "remote-gateway": "example.com" - } - }, { "name": "Check remote gateway unique constraint", "status": 400,