From 5c7647bcc242d4b26cd9afdde1f084ef93916727 Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Tue, 19 Nov 2024 17:44:58 +0000 Subject: T264: IPsec add base64 encoded secret-type feature Add the ability to configure base64 encoded passwords for VPN IPSec site-to-site peers authentication psk PSK secret 'xxxxx==' authentication psk PSK secret-type --- data/templates/ipsec/swanctl.conf.j2 | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'data') diff --git a/data/templates/ipsec/swanctl.conf.j2 b/data/templates/ipsec/swanctl.conf.j2 index 698a9135e..64e7ea860 100644 --- a/data/templates/ipsec/swanctl.conf.j2 +++ b/data/templates/ipsec/swanctl.conf.j2 @@ -87,7 +87,11 @@ secrets { id-{{ gen_uuid }} = "{{ id }}" {% endfor %} {% endif %} +{% if psk_config.secret_type is vyos_defined('base64') %} + secret = 0s{{ psk_config.secret }} +{% elif psk_config.secret_type is vyos_defined('plaintext') %} secret = "{{ psk_config.secret }}" +{% endif %} } {% endfor %} {% endif %} -- cgit v1.2.3