diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2024-11-19 17:44:58 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2024-11-21 13:34:51 +0000 |
commit | 5c7647bcc242d4b26cd9afdde1f084ef93916727 (patch) | |
tree | f87fe803bce58e2245b7273cf95c8ffc69e6f734 /data | |
parent | 8f76c96cb4d7132b7654aa5f37e8ab49fa2e137a (diff) | |
download | vyos-1x-5c7647bcc242d4b26cd9afdde1f084ef93916727.tar.gz vyos-1x-5c7647bcc242d4b26cd9afdde1f084ef93916727.zip |
T264: IPsec add base64 encoded secret-type feature
Add the ability to configure base64 encoded passwords for
VPN IPSec site-to-site peers
authentication psk PSK secret 'xxxxx=='
authentication psk PSK secret-type <base64|plaintext>
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/ipsec/swanctl.conf.j2 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/data/templates/ipsec/swanctl.conf.j2 b/data/templates/ipsec/swanctl.conf.j2 index 698a9135e..64e7ea860 100644 --- a/data/templates/ipsec/swanctl.conf.j2 +++ b/data/templates/ipsec/swanctl.conf.j2 @@ -87,7 +87,11 @@ secrets { id-{{ gen_uuid }} = "{{ id }}" {% endfor %} {% endif %} +{% if psk_config.secret_type is vyos_defined('base64') %} + secret = 0s{{ psk_config.secret }} +{% elif psk_config.secret_type is vyos_defined('plaintext') %} secret = "{{ psk_config.secret }}" +{% endif %} } {% endfor %} {% endif %} |