Merge pull request #51 from goodNETnick/ipsecIKE12

IPsec: T4005: IKEv1 + IKEv2 in one ike-group

2 files changed, 3 insertions, 4 deletions

diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl
index 69d82af..8bb052c 100755
--- a/scripts/vpn-config.pl
+++ b/scripts/vpn-config.pl
@@ -723,7 +723,7 @@ if ($vcVPN->exists('ipsec')) {
                         $genout .= "\tkeyexchange=ikev2\n";
                     }
                 }else {
-                    $genout .= "\tkeyexchange=ikev1\n";
+                    $genout .= "\tkeyexchange=ike\n";
                 }
 
                 #
diff --git a/templates/vpn/ipsec/ike-group/node.tag/key-exchange/node.def b/templates/vpn/ipsec/ike-group/node.tag/key-exchange/node.def
index f68dc69..428fec9 100644
--- a/templates/vpn/ipsec/ike-group/node.tag/key-exchange/node.def
+++ b/templates/vpn/ipsec/ike-group/node.tag/key-exchange/node.def
@@ -1,6 +1,5 @@
-help: Key Exchange Version
+help: Key Exchange Version. If not set, both versions of IKE will be allowed (with priority to IKEv2)
 type: txt
-default: "ikev1"
 syntax:expression: $VAR(@) in "ikev1", "ikev2"; "must be ikev1 or ikev2"
-val_help: ikev1; Use IKEv1 for Key Exchange [DEFAULT]
+val_help: ikev1; Use IKEv1 for Key Exchange
 val_help: ikev2; Use IKEv2 for Key Exchange