Hello Sophos, Hello Community,
I have found a bug in the v19 API. When I create an IPSec connection (VPNIPSecConnection) via API on the firewall, the PresharedKey or the RemoteRSAKey is not correctly entered on the firewall if it contains a '+' character.
I noticed this when I wanted to create a connection with an RSA key via API. The RSA key contains '+' characters in several places. After the API request, the field on the firewall no longer contains '+' characters, they were all replaced with spaces.
At first I thought of an error in my script, but the web request is correctly created and submitted with '+' characters. To verify the problem, I configured a tunnel between 2 XGs: On one XG I created the VPN configuration via API and on the other one by hand. The PSK has several '+' characters. The tunnel does not establish. As a cross check, I did the same with a PSK without '+' characters and the tunnel is established. Therefore, there is a bug in the API when either the PSK or the RSA key contain '+' characters.