summaryrefslogtreecommitdiff
path: root/templates/vpn
diff options
context:
space:
mode:
authorzsdc <taras@vyos.io>2020-07-13 17:48:47 +0300
committerDaniil Baturin <daniil@vyos.io>2020-07-30 17:58:09 +0300
commitf7463e61341adf9c2f518e158cf4e3a82ff210c1 (patch)
tree14a9559790cfa0b16b55b25d910fe6a922113bd4 /templates/vpn
parentc011b7c82176b92ecdf83071d55f2a21ab3f1a45 (diff)
downloadvyatta-cfg-vpn-f7463e61341adf9c2f518e158cf4e3a82ff210c1.tar.gz
vyatta-cfg-vpn-f7463e61341adf9c2f518e158cf4e3a82ff210c1.zip
ESP: T2701: Fixed "pfs enable" option usage
When in ESP group configured "pfs enable" option (default behavior), PFS settings are taken from the IKE proposal 1. In case if there is no "proposal 1", this ends up with broken ESP settings and unusable VPN peer. This fix replacing logic by taking PFS from the first one IKE proposal, regardless of its number.
Diffstat (limited to 'templates/vpn')
0 files changed, 0 insertions, 0 deletions