summaryrefslogtreecommitdiff
path: root/smoketest/scripts/cli/test_vpn_ipsec.py
diff options
context:
space:
mode:
authoraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
committeraapostoliuk <a.apostoliuk@vyos.io>2023-01-18 19:15:44 +0200
commit7a663a75dc8b2f9842b72a05e17240edb4008849 (patch)
tree7bde236898035b5f95f54ae2d1ee7bd25bb6ebad /smoketest/scripts/cli/test_vpn_ipsec.py
parent6b2e7dc343eaf2e5eabbacb0d4b6440fb04ada94 (diff)
downloadvyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.tar.gz
vyos-1x-7a663a75dc8b2f9842b72a05e17240edb4008849.zip
ipsec: T4925: Added PRF into IKE group
Added the possibility to configure Pseudo-Random Functions (PRF) in IKE group set vpn ipsec ike-group <Ike-grp> proposal <number> prf <PRF>
Diffstat (limited to 'smoketest/scripts/cli/test_vpn_ipsec.py')
-rwxr-xr-xsmoketest/scripts/cli/test_vpn_ipsec.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/smoketest/scripts/cli/test_vpn_ipsec.py b/smoketest/scripts/cli/test_vpn_ipsec.py
index 46db0bbf5..03780c465 100755
--- a/smoketest/scripts/cli/test_vpn_ipsec.py
+++ b/smoketest/scripts/cli/test_vpn_ipsec.py
@@ -337,6 +337,7 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
self.cli_set(base_path + ['ike-group', ike_group, 'proposal', '2', 'dh-group', '2'])
self.cli_set(base_path + ['ike-group', ike_group, 'proposal', '2', 'encryption', 'aes256'])
self.cli_set(base_path + ['ike-group', ike_group, 'proposal', '2', 'hash', 'sha1'])
+ self.cli_set(base_path + ['ike-group', ike_group, 'proposal', '2', 'prf', 'prfsha1'])
# Profile
self.cli_set(base_path + ['profile', 'NHRPVPN', 'authentication', 'mode', 'pre-shared-secret'])
@@ -349,7 +350,7 @@ class TestVPNIPsec(VyOSUnitTestSHIM.TestCase):
swanctl_conf = read_file(swanctl_file)
swanctl_lines = [
- f'proposals = aes128-sha1-modp1024,aes256-sha1-modp1024',
+ f'proposals = aes128-sha1-modp1024,aes256-sha1-prfsha1-modp1024',
f'version = 1',
f'rekey_time = {ike_lifetime}s',
f'rekey_time = {esp_lifetime}s',