a similar problem is shown in the below link from ubnt edgeos . it seems this bug has carried over from the vyatta code.
problem shows up in both 1.1.x and 1.2.0 versions of vyos.
unable to use ipsec over ipv6
Derived from above link, when an ipv6 ipsec site to site vpn is created with a IPv6 VPN endpoint.
vpn { ipsec { auto-firewall-nat-exclude disable esp-group ESP1 { compression disable lifetime 3600 mode transport pfs enable proposal 1 { encryption aes128 hash sha1 } } ike-group IKE1 { dead-peer-detection { action restart interval 15 timeout 90 } ikev2-reauth no key-exchange ikev1 lifetime 28800 proposal 1 { dh-group 2 encryption aes128 hash sha1 } } ipsec-interfaces { interface eth0 } site-to-site { peer yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy { authentication { mode pre-shared-secret pre-shared-secret PassWord } default-esp-group ESP1 ike-group IKE1 local-address xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx tunnel 1 { } } } } }
the following error appears:
commit [ vpn ] [ vpn ipsec site-to-site peer yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy:yyyy tunnel 1 ] VPN configuration error: IPv4 over IPv6 IPsec is not supported