summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/ipsec.secrets.tmpl
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ipsec/ipsec.secrets.tmpl')
-rw-r--r--data/templates/ipsec/ipsec.secrets.tmpl19
1 files changed, 0 insertions, 19 deletions
diff --git a/data/templates/ipsec/ipsec.secrets.tmpl b/data/templates/ipsec/ipsec.secrets.tmpl
index 0d2654abc..43b5fe0d2 100644
--- a/data/templates/ipsec/ipsec.secrets.tmpl
+++ b/data/templates/ipsec/ipsec.secrets.tmpl
@@ -1,24 +1,5 @@
# Created by VyOS - manual changes will be overwritten
-{% if site_to_site is defined and "peer" in site_to_site %}
-{% set ns = namespace(local_key_set=False) %}
-{% for peer, peer_conf in site_to_site.peer.items() if peer not in dhcp_no_address and peer_conf.disable is not defined %}
-{% if peer_conf.authentication.mode == 'pre-shared-secret' %}
-{{ (peer_conf.local_address if "local_address" in peer_conf else "%any") ~
- (" " ~ peer) ~
- ((" " ~ peer_conf.authentication.id) if "id" in peer_conf.authentication else "") ~
- ((" " ~ peer_conf.authentication.remote_id) if "remote_id" in peer_conf.authentication else "")
-}} : PSK "{{ peer_conf.authentication.pre_shared_secret }}" # dhcp:{{ peer_conf.dhcp_interface if 'dhcp_interface' in peer_conf else 'no' }}
-{% elif peer_conf.authentication.mode == 'x509' %}
-{% set key_file = peer_conf.authentication.x509.key.file %}
-: RSA {{ key_file if key_file.startswith(x509_path) else (x509_path + key_file) }}{% if "password" in peer_conf.authentication.x509.key and peer_conf.authentication.x509.key.password %} "{{ peer_conf.authentication.x509.key.password}}"{% endif %}
-{% elif peer_conf.authentication.mode == 'rsa' and not ns.local_key_set %}
-{% set ns.local_key_set = True %}
-: RSA {{ rsa_local_key }}
-{% endif %}
-{% endfor %}
-{% endif %}
-
{% if include_ipsec_secrets is defined %}
include {{ include_ipsec_secrets }}
{% endif %}