summaryrefslogtreecommitdiff
path: root/python/vyos
diff options
context:
space:
mode:
authoraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
committeraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
commit7a663a75dc8b2f9842b72a05e17240edb4008849 (patch)
tree7bde236898035b5f95f54ae2d1ee7bd25bb6ebad /python/vyos
parent6b2e7dc343eaf2e5eabbacb0d4b6440fb04ada94 (diff)
downloadvyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.tar.gz
vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.zip
ipsec: T4925: Added PRF into IKE group
Added the possibility to configure Pseudo-Random Functions (PRF) in IKE group set vpn ipsec ike-group <Ike-grp> proposal <number> prf <PRF>
Diffstat (limited to 'python/vyos')
-rw-r--r--python/vyos/template.py2
1 files changed, 2 insertions, 0 deletions
diff --git a/python/vyos/template.py b/python/vyos/template.py
index 2a4135f9e..ce9983958 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -476,6 +476,8 @@ def get_esp_ike_cipher(group_config, ike_group=None):
continue
tmp = '{encryption}-{hash}'.format(**proposal)
+ if 'prf' in proposal:
+ tmp += '-' + proposal['prf']
if 'dh_group' in proposal:
tmp += '-' + pfs_lut[ 'dh-group' + proposal['dh_group'] ]
elif 'pfs' in group_config and group_config['pfs'] != 'disable':