IPSec-tunnel disappears from configuration after editing a tunnel

The ngadmin client does not support management of gateways that have a HIGHER version number than the ngadmin client itself. This may lead to an inconsistent system configuration and can cause operative malfunctions.

Of course the ngadmin client is capable of managing gateways that have a LOWER version number than the ngadmin client itself.

To solve this problem, a manual intervention on the configuration file responsible for VPN-tunnel configuration is needed.
If you are not familiar with the vi text editor please get in contact with support to avoid further-reaching impacts to your actual configuration.

Manual configured "Advanced RAW ISAKMP Settings" got lost. If necessary these settings need to be re-configured for each IPSec-tunnel.
Any other IPSec-tunnelsettings are recoverable.

Step 1: Block the rangeconf-service (or boxconfig-service in case of a single box) to avoid simultaneous access to the affected configuration file.

Step 2: Enter Command Line, login as root and open / edit the responsible file as described.

    On control center-boxes:
vi /opt/phion/maintree/configroot/<rangenumber>/<clustername>/clusterservers/<servername>/services/<servicename>/vpntunnel.conf

    On single-boxes:

vi /opt/phion/config/configroot/servers/<servername>/services/<servicename>/vpntunnel.conf

Locate the string RAWIPSEC, change these sections like described below and save the file.

    Wrong:

PRESHARED = 0123456789012345678900

REPLAYSIZE = 0

    Correct:

Step 3: Activate the changed configuration:

Start the boxconfig-service, open the Site to Site configuration ("Config" > "Box" > "Virtual Servers" > "<Servername>" > "Assigned Services" > "<Servicename>" > "Site to Site") and perform a dummy-change to trigger a rewrite of some used internal VPN-configfiles.