Page MenuHomeVyOS Platform
Create Task
Maniphest T6682

show vpn ike sa peer always shows all SAs
Closed, ResolvedPublicBUG
Actions

Description

At the moment, my router has three active IPsec-tunnels. The three corresponding SAs can be showed by show vpn ike sa. That works fine.

But it is not possible to show only one selected peer:

manuel@mvr02:~$ show vpn ike sa peer 193.122.xx.xx
Peer ID / IP                            Local ID / IP
------------                            -------------
193.122.xx.xx 193.122.xx.xx             87.106.xxx.xxx 87.106.xxx.xxx          

    State  IKEVer  Encrypt      Hash          D-H Group      NAT-T  A-Time  L-Time
    -----  ------  -------      ----          ---------      -----  ------  ------
    up     IKEv2   AES_CBC_256  HMAC_SHA2_384_192 MODP_1536      no     526     25730  

Peer ID / IP                            Local ID / IP
------------                            -------------
109.250.168.xxx fw1int                  87.106.xxx.xxx mvr02                   

    State  IKEVer  Encrypt      Hash          D-H Group      NAT-T  A-Time  L-Time
    -----  ------  -------      ----          ---------      -----  ------  ------
    up     IKEv2   AES_CBC_256  HMAC_SHA2_256_128 MODP_2048      no     7311    21321  

Peer ID / IP                            Local ID / IP
------------                            -------------
93.90.203.xx 93.90.203.xx               87.106.xxx.xxx 87.106.xxx.xxx          

    State  IKEVer  Encrypt      Hash          D-H Group      NAT-T  A-Time  L-Time
    -----  ------  -------      ----          ---------      -----  ------  ------
    up     IKEv2   AES_CBC_256  HMAC_SHA2_384_192 MODP_1536      no     20404   5714   

manuel@mvr02:~$

I've tried some different variants as peer (ipv4-address, name of peer in vyos-config, peer-id as used in IKE), but always all peers are shown.

Details

Version
1.5-rolling-202408270022
Is it a breaking change?
Perfectly compatible
Issue type
Bug (incorrect behavior)

Related Objects

Event Timeline

manuel81 created this task.Aug 27 2024, 2:01 PM
pasik subscribed.Aug 27 2024, 6:02 PM
Viacheslav triaged this task as Normal priority.Aug 28 2024, 6:29 AM
SrividyaA changed the task status from Open to Confirmed.Sep 6 2024, 11:13 AM
natali-rs1985 claimed this task.Sep 12 2024, 10:20 AM
Restricted Repository Identity mentioned this in rVYOSONEXbe892a01be36: Merge pull request #4057 from natali-rs1985/T6682-current.Sep 15 2024, 2:32 PM
natali-rs1985 mentioned this in rVYOSONEX8c6a57124af3: op-mode: T6682: Fix for show vpn ike sa peer always shows all SAs.Sep 15 2024, 2:32 PM
Restricted Repository Identity mentioned this in rVYOSONEXb60e27af1bbe: op-mode: T6682: Fix for show vpn ike sa peer always shows all SAs.Sep 15 2024, 2:34 PM
Restricted Repository Identity mentioned this in rVYOSONEXa9502ba5dfea: op-mode: T6682: Fix for show vpn ike sa peer always shows all SAs.
dmbaturin added a project: Bugs.Sep 15 2024, 5:03 PM
Restricted Repository Identity mentioned this in rVYOSONEX8aa626a19d57: Merge pull request #4072 from vyos/mergify/bp/circinus/pr-4057.Sep 16 2024, 5:48 AM
Restricted Repository Identity mentioned this in rVYOSONEX1844176cd1fa: Merge pull request #4073 from vyos/mergify/bp/sagitta/pr-4057.Sep 16 2024, 9:26 AM
natali-rs1985 closed this task as Resolved.Sep 16 2024, 11:32 AM
natali-rs1985 moved this task from Open to Finished on the VyOS 1.5 Circinus board.
dmbaturin edited projects, added VyOS Rolling, VyOS 1.4 Sagitta (1.4.1); removed Bugs.Dec 6 2024, 12:03 PM
dmbaturin changed Is it a breaking change? from Unspecified (possibly destroys the router) to Perfectly compatible.
dmbaturin moved this task from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.1) board.Dec 6 2024, 2:42 PM
dmbaturin mentioned this in 1.4.1.Dec 31 2024, 1:23 AM