So I have 3 routers... 2 of them are VyOS and the 3rd is MT. Basic config..
bgp-a <---> nova <---> bgp-b
bgp-b is running 1.1.8
bgp-a is running 1.2.0-rc7
This config works fine on bgp-b / 1.1.8... but is failing on 1.2.0-rc7
Has the config changed..? or have I hit a bug ;)
vpn {
ipsec {
esp-group nova-esp {
compression disable
lifetime 3600
mode tunnel
pfs enable
proposal 1 {
encryption aes256
hash sha256
}
}
ike-group nova-ike {
ikev2-reauth no
key-exchange ikev1
lifetime 28800
proposal 1 {
dh-group 21
encryption aes256
hash sha256
}
}
ipsec-interfaces {
interface eth0
}
site-to-site {
peer 2.2.2.2 {
authentication {
mode pre-shared-secret
pre-shared-secret longrandomdata
}
connection-type respond
default-esp-group nova-esp
ike-group nova-ike
local-address 1.1.1.1
tunnel 1 {
protocol gre
}
}
}
}
}