Page MenuHomePhabricator

Make it possible to disable the entire IPsec peer
Open, WishlistPublicENHANCEMENT

Description

At this time it's not possible to disable a peer, you can only disable individual tunnels.
Sometimes there are way too many tunnels (in the case that prompted me to write this, there is over a dozen of them).
Even if there are just a few, going through all of them is not exactly handy either.

Details

Difficulty level
Easy (less than an hour)
Version
-
dmbaturin created this task.May 4 2016, 3:59 AM
syncer changed the edit policy from "Public (No Login Required)" to "Custom Policy".Aug 21 2017, 1:52 AM
syncer edited projects, added VyOS 1.2.x; removed VyOS 1.1.x.
syncer set Version to -.
syncer edited subscribers, added: Maintainers, syncer; removed: dmbaturin.

Moved this to 1.2.x wish list

c-po added a subscriber: c-po.Aug 29 2017, 10:11 AM

+1

During restructuring my IPsec HUB/SPOKES I would have liked this possibility, too.

Maybe it's super trivial, if peer x.x.x.x { disabled } node exists, just skip the generation of this config file entry.

dmbaturin moved this task from Need Triage to Wishlist on the VyOS 1.2.x board.May 31 2018, 12:16 AM

I think it's best done at the same time with IPsec CLI rewrite.

dmbaturin edited projects, added VyOS 1.3.x; removed VyOS 1.2.x.Sep 2 2018, 9:50 PM
syncer changed the subtype of this task from "Task" to "Enhancement".Sat, Oct 20, 4:49 AM