2 files changed, 8 insertions, 4 deletions

diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl
index 5f27ae0..4eabbe1 100755
--- a/scripts/vpn-config.pl
+++ b/scripts/vpn-config.pl
@@ -423,9 +423,9 @@ if ( $vcVPN->exists('ipsec') ) {
     if ( (!defined($lip) || $lip eq "") && (!defined($dhcp_iface) || $dhcp_iface eq "") ) {
       vpn_die(["vpn","ipsec","site-to-site","peer",$peer,"local-address"],
         "$vpn_cfg_err No local-address specified for peer \"$peer\"\n");
-    } elsif ( $lip ne '0.0.0.0' ) {
+    } elsif ( $lip ne 'any' ) {
 
-      # not '0.0.0.0' special case.
+      # not 'any' special case.
       # check interface addresses.
       if ( !Vyatta::Misc::isIPinInterfaces( $vc, $lip, @interfaces ) ) {
         vpn_log(
@@ -519,7 +519,7 @@ if ( $vcVPN->exists('ipsec') ) {
       # Assign left and right to local and remote interfaces
       #
       if ( defined($lip) ) {
-        if ( $lip eq '0.0.0.0' ) {
+        if ( $lip eq 'any' ) {
           $genout .= "\tleft=%defaultroute\n";
           # no need for leftsourceip as a defaultroute is must for this to work
         } else {
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/local-address/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/local-address/node.def
index 370b2bd..c738bd6 100644
--- a/templates/vpn/ipsec/site-to-site/peer/node.tag/local-address/node.def
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/local-address/node.def
@@ -1,5 +1,9 @@
 help: IPv4 or IPv6 address of a local interface to use for VPN
+type: ipv4
+type: ipv6
 type: txt
+allowed: echo "any"
 val_help: ipv4; IPv4 address of a local interface for VPN
 val_help: ipv6; IPv6 address of a local interface for VPN
-syntax:expression: exec "/opt/vyatta/sbin/is_valid_address.pl $VAR(@)" 
+val_help: any; Allow any IPv4 address present on the system to be used for VPN
+syntax:expression: exec "/opt/vyatta/sbin/is_valid_address.pl $VAR(@)"