Page MenuHomeVyOS Platform
Create Task
Maniphest T1811

Upgrade from 1.1.8: Config file migration failed: module=l2tp
Closed, ResolvedPublicBUG
Actions

Description

Built a Crux image from source last night, the source that will eventually become 1.2.4. Upgraded a VyOS 1.1.8 box with a very basic firewall and very basic L2TP setup.

I don't have any mention of radius-server in my 1.1.8 config. When testing, my L2TP server works fine after upgrading, so that's good at least :-)

Nov 18 11:53:58 debian vyos-router[1044]: Starting VyOS router: migrateTraceback (most recent call last):
Nov 18 11:53:58 debian vyos-router[1044]: File "/opt/vyatta/etc/config-migrate/migrate/l2tp/0-to-1", line 38, in <module>
Nov 18 11:53:58 debian vyos-router[1044]: for server in config.list_nodes(cfg_base + ['radius-server']):
Nov 18 11:53:58 debian vyos-router[1044]: File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 232, in list_nodes
Nov 18 11:53:58 debian vyos-router[1044]: raise ConfigTreeError("Path [{}] doesn't exist".format(path_str))
Nov 18 11:53:58 debian vyos-router[1044]: vyos.configtree.ConfigTreeError: Path [b'vpn l2tp remote-access authentication radius-server'] doesn't exist
Nov 18 11:53:58 debian config-migrate[1194]: Config file migration failed: module=l2tp ver=0 nxt=1 [No such file or directory]

Nov 18 12:16:15 vyos-vpn01 ipsec_starter[2165]: # deprecated keyword 'nat_traversal' in config setup
Nov 18 12:16:15 vyos-vpn01 ipsec_starter[2165]: # deprecated keyword 'virtual_private' in config setup
Nov 18 12:16:15 vyos-vpn01 ipsec_starter[2165]: # 2 parsing errors (0 fatal) #

The VPN part of the 1.1.8 config is as follows:
set vpn ipsec auto-update '60'
set vpn ipsec ipsec-interfaces interface 'eth0'
set vpn ipsec nat-networks allowed-network '0.0.0.0/0'
set vpn ipsec nat-traversal 'enable'
set vpn l2tp remote-access authentication local-users username lasseoe password 'fJxYXxRxUxrecxLxMF'
set vpn l2tp remote-access authentication mode 'local'
set vpn l2tp remote-access client-ip-pool start '10.10.17.145'
set vpn l2tp remote-access client-ip-pool stop '10.10.17.149'
set vpn l2tp remote-access dns-servers server-1 '10.10.19.1'
set vpn l2tp remote-access dns-servers server-2 '10.10.19.2'
set vpn l2tp remote-access ipsec-settings authentication mode 'pre-shared-secret'
set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret '7JxhjxWxTxDxTx7xDxzxex'
set vpn l2tp remote-access ipsec-settings ike-lifetime '3600'
set vpn l2tp remote-access outside-address 'x2.2x.xxx.1xx' <redacted>

[email protected]:~$ show version
Version: VyOS 1.2.4-tst
Built by: <redacted>
Built on: Sun 17 Nov 2019 21:49 UTC
Build UUID: 6cd1aece-3a87-49c8-aba7-47a9d3d6c707
Build Commit ID: 2e3bac5a0879ba

Architecture: x86_64
Boot via: installed image
System type: VMware guest

Details

Difficulty level
Unknown (require assessment)
Version
1.2.3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)