2 files changed, 13 insertions, 6 deletions

diff --git a/python/vyos/airbag.py b/python/vyos/airbag.py
index a20f44207..3c7a144b7 100644
--- a/python/vyos/airbag.py
+++ b/python/vyos/airbag.py
@@ -125,14 +125,14 @@ def _intercepting_exceptions(_singleton=[False]):
 # if the key before the value has not time, syslog takes that as the source of the message
 
 FAULT = """\
-Report Time:      {date}
-Image Version:    VyOS {version}
-Release Train:    {release_train}
+Report time:      {date}
+Image version:    VyOS {version}
+Release train:    {release_train}
 
 Built by:         {built_by}
 Built on:         {built_on}
 Build UUID:       {build_uuid}
-Build Commit ID:  {build_git}
+Build commit ID:  {build_git}
 
 Architecture:     {system_arch}
 Boot via:         {boot_via}
diff --git a/python/vyos/template.py b/python/vyos/template.py
index ee6e52e1d..d13915766 100644
--- a/python/vyos/template.py
+++ b/python/vyos/template.py
@@ -393,8 +393,15 @@ def get_ip(interface):
     from vyos.ifconfig import Interface
     return Interface(interface).get_addr()
 
+def get_first_ike_dh_group(ike_group):
+    if ike_group and 'proposal' in ike_group:
+        for priority, proposal in ike_group['proposal'].items():
+            if 'dh_group' in proposal:
+                return 'dh-group' + proposal['dh_group']
+    return 'dh-group2' # Fallback on dh-group2
+
 @register_filter('get_esp_ike_cipher')
-def get_esp_ike_cipher(group_config):
+def get_esp_ike_cipher(group_config, ike_group=None):
     pfs_lut = {
         'dh-group1'  : 'modp768',
         'dh-group2'  : 'modp1024',
@@ -433,7 +440,7 @@ def get_esp_ike_cipher(group_config):
             elif 'pfs' in group_config and group_config['pfs'] != 'disable':
                 group = group_config['pfs']
                 if group_config['pfs'] == 'enable':
-                    group = 'dh-group2'
+                    group = get_first_ike_dh_group(ike_group)
                 tmp += '-' + pfs_lut[group]
 
             ciphers.append(tmp)