summaryrefslogtreecommitdiff
path: root/data/templates/ipsec/swanctl/peer.j2
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/ipsec/swanctl/peer.j2')
-rw-r--r--data/templates/ipsec/swanctl/peer.j26
1 files changed, 6 insertions, 0 deletions
diff --git a/data/templates/ipsec/swanctl/peer.j2 b/data/templates/ipsec/swanctl/peer.j2
index c5841fb91..58f0199fa 100644
--- a/data/templates/ipsec/swanctl/peer.j2
+++ b/data/templates/ipsec/swanctl/peer.j2
@@ -86,6 +86,9 @@
dpd_action = {{ ike.dead_peer_detection.action }}
{% endif %}
close_action = {{ ike.close_action }}
+{% if peer_conf.replay_window is vyos_defined %}
+ replay_window = {{ peer_conf.replay_window }}
+{% endif %}
}
{% elif peer_conf.tunnel is vyos_defined %}
{% for tunnel_id, tunnel_conf in peer_conf.tunnel.items() if tunnel_conf.disable is not defined %}
@@ -136,6 +139,9 @@
dpd_action = {{ ike.dead_peer_detection.action }}
{% endif %}
close_action = {{ ike.close_action }}
+{% if peer_conf.replay_window is vyos_defined %}
+ replay_window = {{ peer_conf.replay_window }}
+{% endif %}
{% if peer_conf.vti.bind is vyos_defined %}
{# The key defaults to 0 and will match any policies which similarly do not have a lookup key configuration. #}
{# Thus we simply shift the key by one to also support a vti0 interface #}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-25 02:31:26 +0000