summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/ipsec.conf.tmpl
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ipsec/ipsec.conf.tmpl')
-rw-r--r--data/templates/ipsec/ipsec.conf.tmpl4
1 files changed, 2 insertions, 2 deletions
diff --git a/data/templates/ipsec/ipsec.conf.tmpl b/data/templates/ipsec/ipsec.conf.tmpl
index 53cba44b9..18f6c0988 100644
--- a/data/templates/ipsec/ipsec.conf.tmpl
+++ b/data/templates/ipsec/ipsec.conf.tmpl
@@ -7,7 +7,7 @@ config setup
uniqueids = {{ "no" if disable_uniqreqids is defined else "yes" }}
{% if site_to_site is defined and site_to_site.peer is defined %}
-{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address %}
+{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %}
{% set peer_index = loop.index %}
{% set peer_ike = ike_group[peer_conf.ike_group] %}
{% set peer_esp = esp_group[peer_conf.default_esp_group] if peer_conf.default_esp_group is defined else None %}
@@ -60,7 +60,7 @@ conn peer-{{ peer }}-vti
{% endif %}
{% endif %}
{% elif peer_conf.tunnel is defined %}
-{% for tunnel_id, tunnel_conf in peer_conf.tunnel.items() %}
+{% for tunnel_id, tunnel_conf in peer_conf.tunnel.items() if tunnel_conf.disable is not defined %}
{% set tunnel_esp_name = tunnel_conf.esp_group if "esp_group" in tunnel_conf else peer_conf.default_esp_group %}
{% set tunnel_esp = esp_group[tunnel_esp_name] %}
{% set proto = tunnel_conf.protocol if "protocol" in tunnel_conf else '%any' %}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-14 11:50:23 +0000