diff options
author | aapostoliuk <a.apostoliuk@vyos.io> | 2023-01-18 19:15:44 +0200 |
---|---|---|
committer | aapostoliuk <a.apostoliuk@vyos.io> | 2023-01-18 19:15:44 +0200 |
commit | 7a663a75dc8b2f9842b72a05e17240edb4008849 (patch) | |
tree | 7bde236898035b5f95f54ae2d1ee7bd25bb6ebad /python/vyos | |
parent | 6b2e7dc343eaf2e5eabbacb0d4b6440fb04ada94 (diff) | |
download | vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.tar.gz vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.zip |
ipsec: T4925: Added PRF into IKE group
Added the possibility to configure Pseudo-Random Functions (PRF)
in IKE group
set vpn ipsec ike-group <Ike-grp> proposal <number> prf <PRF>
Diffstat (limited to 'python/vyos')
-rw-r--r-- | python/vyos/template.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py index 2a4135f9e..ce9983958 100644 --- a/python/vyos/template.py +++ b/python/vyos/template.py @@ -476,6 +476,8 @@ def get_esp_ike_cipher(group_config, ike_group=None): continue tmp = '{encryption}-{hash}'.format(**proposal) + if 'prf' in proposal: + tmp += '-' + proposal['prf'] if 'dh_group' in proposal: tmp += '-' + pfs_lut[ 'dh-group' + proposal['dh_group'] ] elif 'pfs' in group_config and group_config['pfs'] != 'disable': |