From 2ac4a8a5fed9db471b7ffac0f54e6741c6f87834 Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Mon, 21 Nov 2022 18:42:41 +0000
Subject: T4823: Fix IPsec transport mode remote TS

Remote TS for transport mode GRE must be remote-address and
not peer name
---
 data/templates/ipsec/swanctl/peer.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/templates/ipsec/swanctl/peer.j2 b/data/templates/ipsec/swanctl/peer.j2
index d097a04fc..837fa263c 100644
--- a/data/templates/ipsec/swanctl/peer.j2
+++ b/data/templates/ipsec/swanctl/peer.j2
@@ -124,7 +124,7 @@
 {%             endif %}
 {%         elif tunnel_esp.mode == 'transport' %}
                 local_ts = {{ peer_conf.local_address }}{{ local_suffix }}
-                remote_ts = {{ peer }}{{ remote_suffix }}
+                remote_ts = {{ peer_conf.remote_address | join(",") }}{{ remote_suffix }}
 {%         endif %}
                 ipcomp = {{ 'yes' if tunnel_esp.compression is vyos_defined else 'no' }}
                 mode = {{ tunnel_esp.mode }}
-- 
cgit v1.2.3