diff options
| -rwxr-xr-x | scripts/vpn-config.pl | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl index 7f51fc1..582e3a7 100755 --- a/scripts/vpn-config.pl +++ b/scripts/vpn-config.pl @@ -868,8 +868,10 @@ if ($vcVPN->exists('ipsec')) { } if (defined($pfs)) { if ($pfs eq 'enable') { + # Get list of IKE proposals + my @ike_proposals = $vcVPN->listNodes("ipsec ike-group $ike_group proposal"); # Get the first IKE group's dh-group and use that as our PFS setting - my $default_pfs = $vcVPN->returnValue("ipsec ike-group $ike_group proposal 1 dh-group"); + my $default_pfs = $vcVPN->returnValue("ipsec ike-group $ike_group proposal $ike_proposals[0] dh-group"); $pfs = get_dh_cipher_result($default_pfs); } elsif ($pfs eq 'disable') { undef $pfs; |