Migrate all vpn IPSec OP commands to VICI python module. We have already command show vpn ipsec sa which utilized VICI and will be good migrate others command to python code.
Description
Description
Details
Details
- Difficulty level
- Hard (possibly days)
- Version
- -
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Perfectly compatible
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | sarthurdev | T2816 Rewrite IPsec scripts with the new XML/Python approach | |||
| Resolved | FEATURE REQUEST | sarthurdev | T2641 Rewrite vpn ipsec OP commands in new style XML syntax | ||
| Resolved | BUG | Viacheslav | T3333 "show vpn ipsec sa" reports ESP tunnels to be up when they are not. |
Event Timeline
Comment Actions
Going to mention this in here:
I had problem resetting a tunnel configured with ipsec sourced from loopback with gre on top of that. When configured with @remote_it I was unable to use reset command.
olof@vyos_1.2.3:~$ reset vpn ipsec-peer @remote_id Resetting tunnel 1 with peer @remote_id... olof@vyos_1.2.3:~$ show vpn ipsec sa | grep remote_id peer-remote_id-tunnel-1 up 50 minutes 4M/2M
Only restart vpn actually reset that vpn peer (along with the rest of the tunnels configured on that vyosrouter)
And T2639 if it is relevant.