Page MenuHomeVyOS Platform

Make it possible to disable the entire IPsec peer
Open, WishlistPublicENHANCEMENT


At this time it's not possible to disable a peer, you can only disable individual tunnels.
Sometimes there are way too many tunnels (in the case that prompted me to write this, there is over a dozen of them).
Even if there are just a few, going through all of them is not exactly handy either.


Difficulty level
Easy (less than an hour)

Event Timeline

syncer changed the edit policy from "Public (No Login Required)" to "Custom Policy".Aug 21 2017, 1:52 AM
syncer edited projects, added VyOS 1.2 Crux; removed VyOS 1.1.x.
syncer set Version to -.
syncer edited subscribers, added: Maintainers, syncer; removed: dmbaturin.

Moved this to 1.2.x wish list


During restructuring my IPsec HUB/SPOKES I would have liked this possibility, too.

Maybe it's super trivial, if peer x.x.x.x { disabled } node exists, just skip the generation of this config file entry.

I think it's best done at the same time with IPsec CLI rewrite.

syncer changed the subtype of this task from "Task" to "Enhancement".Oct 20 2018, 4:49 AM