Page MenuHomeVyOS Platform

Make it possible to disable the entire IPsec peer
Closed, ResolvedPublicENHANCEMENT


At this time it's not possible to disable a peer, you can only disable individual tunnels.
Sometimes there are way too many tunnels (in the case that prompted me to write this, there is over a dozen of them).
Even if there are just a few, going through all of them is not exactly handy either.


Difficulty level
Easy (less than an hour)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

syncer changed the edit policy from "Public (No Login Required)" to "Custom Policy".Aug 21 2017, 1:52 AM
syncer edited projects, added VyOS 1.2 Crux; removed VyOS 1.1.x.
syncer set Version to -.
syncer edited subscribers, added: Maintainers, syncer; removed: dmbaturin.

Moved this to 1.2.x wish list


During restructuring my IPsec HUB/SPOKES I would have liked this possibility, too.

Maybe it's super trivial, if peer x.x.x.x { disabled } node exists, just skip the generation of this config file entry.

I think it's best done at the same time with IPsec CLI rewrite.

syncer changed the subtype of this task from "Task" to "Enhancement".Oct 20 2018, 4:49 AM
c-po reassigned this task from dmbaturin to sarthurdev.
c-po set Why the issue appeared? to Will be filled on close.
c-po set Is it a breaking change? to Unspecified (possibly destroys the router).
c-po added a subscriber: dmbaturin.