summaryrefslogtreecommitdiff
path: root/interface-definitions/vpn_ipsec.xml.in
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-07-25 15:40:32 +0200
committerGitHub <noreply@github.com>2024-07-25 15:40:32 +0200
commit160a24d61d9adb108de9a210311ccd10a93f819f (patch)
treed9b96aa6c2caf2c39d60a764b6c26a479dc72d60 /interface-definitions/vpn_ipsec.xml.in
parentc73e89d7264f928db2ca44da1d885a96c125db48 (diff)
parent9dc7e170d4eab2a76f373886d2f0b21d51dabeb5 (diff)
downloadvyos-1x-160a24d61d9adb108de9a210311ccd10a93f819f.tar.gz
vyos-1x-160a24d61d9adb108de9a210311ccd10a93f819f.zip
Merge pull request #3843 from vyos/mergify/bp/sagitta/pr-3841
T6599: ipsec: support disabling rekey of CHILD_SA, converge and fix defaults (backport #3841)
Diffstat (limited to 'interface-definitions/vpn_ipsec.xml.in')
-rw-r--r--interface-definitions/vpn_ipsec.xml.in6
1 files changed, 6 insertions, 0 deletions
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 7f425d982..4a7fde75b 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -99,6 +99,12 @@
</constraint>
</properties>
</leafNode>
+ <leafNode name="disable-rekey">
+ <properties>
+ <help>Do not locally initiate a re-key of the SA, remote peer must re-key before expiration</help>
+ <valueless/>
+ </properties>
+ </leafNode>
<leafNode name="mode">
<properties>
<help>ESP mode</help>