Page MenuHomeVyOS Platform

IPsec ability to show all configured connections
Closed, ResolvedPublicFEATURE REQUEST

Description

Add the ability to show all configured connections/tunnels and if it is possible their states.
Now we can see only established/installed security associations (SAs) with show vpn ipsec sa

proposed new command show vpn ipsec connections

also, add the ability to get data in the --raw format

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Related Objects

StatusSubtypeAssignedTask
OpenFEATURE REQUESTNone
ResolvedFEATURE REQUESTViacheslav

Event Timeline

Viacheslav changed the task status from Open to In progress.Sat, Nov 12, 5:30 AM
Viacheslav claimed this task.

PR https://github.com/vyos/vyos-1x/pull/1657

[email protected]:~$ show vpn ipsec connections 
Connection         State        Type    Remote address    Local TS        Remote TS    Proposal
-----------------  -----------  ------  ----------------  --------------  -----------  ---------------------------------------
OFFICE-B           established  IKEv1   192.0.2.2         -               -            AES_CBC/256/HMAC_SHA2_256_128/MODP_1024
OFFICE-B-tunnel-0  up           IPsec   192.0.2.2         192.168.0.0/24  10.0.0.0/21  AES_CBC/256/HMAC_SHA2_256_128/MODP_1024
OFFICE-B-tunnel-1  down         IPsec   192.0.2.2         192.168.1.0/24  10.0.0.0/21  -
OFFICE-B-tunnel-2  down         IPsec   192.0.2.2         192.168.2.0/24  10.0.0.0/21  -
OFFICE-C           down         IKEv1   192.0.2.2         -               -            -
OFFICE-C-tunnel-0  down         IPsec   192.0.2.2         192.168.5.0/24  10.0.0.0/21  -
[email protected]:~$
Viacheslav changed the task status from In progress to Needs testing.Sun, Nov 20, 10:20 PM
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.