diff options
author | Daniil Baturin <daniil@baturin.org> | 2018-06-03 05:32:19 +0200 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2018-06-03 05:32:19 +0200 |
commit | 90daa5e2cf02ffd3fd5936b4f372f1e85ab62ef6 (patch) | |
tree | 52644fe91c46af6dbad1edf2664e2f359ed6c992 /templates | |
parent | 5ff70d5fe970fa13b76ed4207dded560cd6b3ea1 (diff) | |
download | vyatta-cfg-vpn-90daa5e2cf02ffd3fd5936b4f372f1e85ab62ef6.tar.gz vyatta-cfg-vpn-90daa5e2cf02ffd3fd5936b4f372f1e85ab62ef6.zip |
T674: set DH group default in IKE groups to 2.
Using the default: tag in the template for now, this issue should be
addressed properly when we get to rewriting IPsec scripts.
Diffstat (limited to 'templates')
-rw-r--r-- | templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def index 307dc09..32deb66 100644 --- a/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def +++ b/templates/vpn/ipsec/ike-group/node.tag/proposal/node.tag/dh-group/node.def @@ -1,5 +1,6 @@ help: Diffie-Hellman (DH) key exchange group type: u32 +default: 2 syntax:expression: ($VAR(@) == 2 || $VAR(@) == 5 || ($VAR(@) >= 14 && $VAR(@) <= 26)); "must be 2, 5 or 14 through 26" val_help: 2; DH group 2 (modp1024) val_help: 5; DH group 5 (modp1536) |