summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/charon.tmpl
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.i>2022-02-17 21:18:37 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-02-19 16:50:29 +0000
commitf6c2b5e4762e7713c5868bebf8e482ce732e3302 (patch)
treec8a10bd3d5ffc6970d548eec98ddc3feb18c4fd6 /data/templates/ipsec/charon.tmpl
parente66879f71da3383a84ebfe6235795e718c32bdb9 (diff)
downloadvyos-1x-f6c2b5e4762e7713c5868bebf8e482ce732e3302.tar.gz
vyos-1x-f6c2b5e4762e7713c5868bebf8e482ce732e3302.zip
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x
Diffstat (limited to 'data/templates/ipsec/charon.tmpl')
-rw-r--r--data/templates/ipsec/charon.tmpl11
1 files changed, 11 insertions, 0 deletions
diff --git a/data/templates/ipsec/charon.tmpl b/data/templates/ipsec/charon.tmpl
index 4d710921e..b9b020dcd 100644
--- a/data/templates/ipsec/charon.tmpl
+++ b/data/templates/ipsec/charon.tmpl
@@ -20,6 +20,17 @@ charon {
# Send Cisco Unity vendor ID payload (IKEv1 only).
# cisco_unity = no
+ # Cisco FlexVPN
+{% if options is defined %}
+ cisco_flexvpn = {{ 'yes' if options.flexvpn is defined else 'no' }}
+{% if options.virtual_ip is defined %}
+ install_virtual_ip = yes
+{% endif %}
+{% if options.interface is defined and options.interface is not none %}
+ install_virtual_ip_on = {{ options.interface }}
+{% endif %}
+{% endif %}
+
# Close the IKE_SA if setup of the CHILD_SA along with IKE_AUTH failed.
# close_ike_on_child_failure = no