[email protected]# show vpn +ipsec { + esp-group ESP1 { + compression disable + lifetime 3600 + mode tunnel + pfs enable + proposal 1 { + encryption aes256 + hash sha256 + } + } + ike-group IKE1 { + close-action none + ikev2-reauth no + key-exchange ikev1 + lifetime 28800 + proposal 1 { + dh-group 2 + encryption aes256 + hash sha256 + } + } + interface dum0 + site-to-site { + peer 172.18.254.202 { + authentication { + mode pre-shared-secret + pre-shared-secret secret + } + connection-type initiate + default-esp-group ESP1 + ike-group IKE1 + ikev2-reauth inherit + local-address 172.18.254.201 + vti { + bind vti1 + } + } + } +} [edit] [email protected]# commit [ vpn ipsec ] VyOS had an issue completing a command. We are sorry that you encountered a problem while using VyOS. There are a few things you can do to help us (and yourself): - Contact us using the online help desk if you have a subscription: https://support.vyos.io/ - Make sure you are running the latest version of VyOS available at: https://vyos.net/get/ - Consult the community forum to see how to handle this issue: https://forum.vyos.io - Join us on Slack where our users exchange help and advice: https://vyos.slack.com When reporting problems, please include as much information as possible: - do not obfuscate any data (feel free to contact us privately if your business policy requires it) - and include all the information presented below Report Time: 2021-07-26 20:39:50 Image Version: VyOS 1.4-rolling-202107242017 Release Train: sagitta Built by: [email protected] Built on: Mon 26 Jul 2021 01:17 UTC Build UUID: bf8bb33c-1634-4b04-9693-e458f634222c Build Commit ID: 404ef29d13cfe8 Architecture: x86_64 Boot via: installed image System type: VMware guest Hardware vendor: VMware, Inc. Hardware model: VMware Virtual Platform Hardware S/N: VMware-42 3f 67 73 77 df c4 80-42 c9 42 af ff 15 de 0b Hardware UUID: 73673f42-df77-80c4-42c9-42afff15de0b Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/vpn_ipsec.py", line 579, in <module> generate(ipsec) File "/usr/libexec/vyos/conf_mode/vpn_ipsec.py", line 541, in generate render(swanctl_conf, 'ipsec/swanctl.conf.tmpl', ipsec) File "/usr/lib/python3/dist-packages/vyos/template.py", line 112, in render rendered = render_to_string(template, content, formater) File "/usr/lib/python3/dist-packages/vyos/template.py", line 82, in render_to_string rendered = template.render(content) File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1090, in render self.environment.handle_exception() File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 832, in handle_exception reraise(*rewrite_traceback_stack(source=source)) File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 28, in reraise raise value.with_traceback(tb) File "/usr/share/vyos/templates/ipsec/swanctl.conf.tmpl", line 15, in top-level template code {{ peer_tmpl.conn(peer, peer_conf, ike_group, esp_group) }} File "/usr/lib/python3/dist-packages/jinja2/runtime.py", line 679, in _invoke rv = self._func(*arguments) File "/usr/share/vyos/templates/ipsec/swanctl/peer.tmpl", line 59, in template esp_proposals = {{ vti_esp | get_esp_ike_cipher | join(',') }} File "/usr/lib/python3/dist-packages/vyos/template.py", line 419, in get_esp_ike_cipher if 'proposal' in group_config: TypeError: argument of type 'NoneType' is not iterable [[vpn ipsec]] failed Commit failed [edit] [email protected]#
Description
Description
Details
Details
- Difficulty level
- Easy (less than an hour)
- Version
- 1.4-rolling-202107242017
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Unspecified (possibly destroys the router)