I am attempting to establish a routed IKEv2 IPsec VPN with my IPsec interface having a DHCP address.
I am unable to commit my configuration because dhcp-interface and local-address within the vpn component are mutually exclusive. However, I am unable to commit any vpn configuration without the declaration of a specific IP address, as it is required for VTI bound IPsec connections.
Interface config:
interfaces { ethernet eth0 { address dhcp description "Cust: pr140002 [10Mbit] (Internet:AT&T)" duplex auto hw-id 0c:c4:7a:db:ef:8c smp-affinity auto speed auto }
Error when vpn dhcp-interface and vpn local-address are set:
[ vpn ipsec site-to-site peer x.x.x.x ] VPN configuration error: Only one of local-address or dhcp-interface may be defined [[vpn]] failed Commit failed
Error when only vpn dhcp-interface is set:
[ vpn ] VPN VTI configuration error: local-address not defined. [[vpn]] failed Commit failed [edit]
Error when local-address is set to any:
[ vpn ] VPN VTI configuration error: Invalid local-address "any", an ip address must be specified for VTIs. [[vpn]] failed Commit failed [edit]