Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Feb 22 2022

Viacheslav added a comment to T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?).

Adding priority >=615 should fix it

vyos@r11-roll# sudo cat /opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet/node.tag/vif/node.tag/redirect/node.def
type: txt
priority: 615
help: Incoming packet redirection destination
allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=input
Feb 22 2022, 4:27 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav changed the status of T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?) from Open to In progress.
Feb 22 2022, 4:07 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav added a project to T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?): VyOS 1.4 Sagitta.
Feb 22 2022, 4:00 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav added a comment to T4122: interface ip address config missing after upgrade from 1.2.8 to 1.3.0 (when redirect is configured?).

VyOS 1.4

set interfaces input ifb042
set interfaces ethernet eth0 vif 42 address 203.0.113.47/32
set interfaces ethernet eth0 vif 42 redirect 'ifb042'
Feb 22 2022, 3:24 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav updated the task description for T4266: Add controller for nftables bgp flowspec routes.
Feb 22 2022, 3:10 PM
Viacheslav updated the task description for T4266: Add controller for nftables bgp flowspec routes.
Feb 22 2022, 3:06 PM
Viacheslav added a comment to T1253: Feature Request: FRR Flowspec.

@Cheeze_It It is not hard https://github.com/vyos/vyos-1x/blob/current/op-mode-definitions/show-bgp.xml.in

Feb 22 2022, 2:30 PM · VyOS 1.5 Circinus
Viacheslav updated the task description for T4266: Add controller for nftables bgp flowspec routes.
Feb 22 2022, 2:27 PM
Viacheslav updated the task description for T4266: Add controller for nftables bgp flowspec routes.
Feb 22 2022, 2:06 PM
Viacheslav created T4266: Add controller for nftables bgp flowspec routes.
Feb 22 2022, 2:00 PM
Viacheslav added a comment to T1253: Feature Request: FRR Flowspec.

@Cheeze_It There is a task for op-mode T4265
Task for controller T4266

Feb 22 2022, 1:40 PM · VyOS 1.5 Circinus
Viacheslav created T4265: Add op-mode for bgp flowspec state and routes.
Feb 22 2022, 12:12 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX6bf5a0b0dd48: ipsec: T1856: Ability to set SA life bytes and packets.
Feb 22 2022, 6:55 AM

Feb 21 2022

Viacheslav committed rVYOSONEX4ec626262939: ipsec: T3948: Add CLI site-to-site peer connection-type none.
Feb 21 2022, 6:11 PM

Feb 20 2022

Viacheslav added a comment to T3656: IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version.

@SrividyaA Could you fix the old command help description?

Feb 20 2022, 8:55 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3948: IPSec VPN: Add a new option "none" for the connection-type.

PR https://github.com/vyos/vyos-1x/pull/1231

Feb 20 2022, 8:37 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T3948: IPSec VPN: Add a new option "none" for the connection-type from Open to In progress.
Feb 20 2022, 8:01 PM · VyOS 1.4 Sagitta
Viacheslav added projects to T4262: install image doesn't respect chosen root partition size: VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta.
Feb 20 2022, 7:52 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T4262: install image doesn't respect chosen root partition size from "Task" to "Bug".

Which version?

Feb 20 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T3948: IPSec VPN: Add a new option "none" for the connection-type.

@SrividyaA Which configurations do you expect with option set vpn ipsec site-to-site peer 192.168.122.14 connection-type none ?

Feb 20 2022, 7:41 PM · VyOS 1.4 Sagitta
Viacheslav closed T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on as Resolved.
Feb 20 2022, 7:18 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T1856: Support configuring IPSec SA bytes.

PR https://github.com/vyos/vyos-1x/pull/1230

Feb 20 2022, 6:36 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav committed rVYOSONEXf6c2b5e4762e: vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options.
Feb 20 2022, 6:13 PM
Viacheslav moved T4151: IPV6 local PBR Support from Open to Finished on the VyOS 1.4 Sagitta board.
Feb 20 2022, 4:56 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav changed the status of T1856: Support configuring IPSec SA bytes, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, from Open to In progress.
Feb 20 2022, 4:47 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T1856: Support configuring IPSec SA bytes from Open to In progress.
Feb 20 2022, 4:47 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a project to T1856: Support configuring IPSec SA bytes: VyOS 1.4 Sagitta.
Feb 20 2022, 4:44 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0)
Viacheslav changed the subtype of T4001: Cannot use local-subnet or remote-subnet when using transport mode from "Task" to "Feature Request".
Feb 20 2022, 3:18 PM · Bugs, VyOS 1.4 Sagitta (1.4.0), VyOS Rolling, VyOS 1.5 Circinus
Viacheslav closed T4249: Add support for device mapping in containers as Resolved.
Feb 20 2022, 10:31 AM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXcf36ced75094: containers: T4249: Allow to connect host device to the container.
Feb 20 2022, 7:08 AM

Feb 19 2022

Viacheslav added a comment to T4259: The conntrackd daemon can be started wrongly.

It is used in keepalived Template

Feb 19 2022, 11:29 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4249: Add support for device mapping in containers.

PR https://github.com/vyos/vyos-1x/pull/1229

Feb 19 2022, 6:16 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4249: Add support for device mapping in containers from Open to In progress.
Feb 19 2022, 5:23 PM · VyOS 1.4 Sagitta

Feb 18 2022

Viacheslav added a project to T4258: [DHCP-SERVER] error parameter on Failover: VyOS 1.4 Sagitta.

Dhcp template https://github.com/vyos/vyos-1x/blob/9e626ce7bad2bd846826822a3622fedf2d937e09/data/templates/dhcp-server/dhcpd.conf.tmpl#L45-L47

Feb 18 2022, 7:36 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on.

PR https://github.com/vyos/vyos-1x/pull/1226

Feb 18 2022, 10:52 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on.
Feb 18 2022, 9:14 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4232: VyOS 1.2 traffic-policy shaper match interface not working.

@kirvio Could you check it on 1.3/1.4?

Feb 18 2022, 8:33 AM · VyOS 1.2 Crux

Feb 17 2022

Viacheslav updated the task description for T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on.
Feb 17 2022, 9:14 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX4552dbcf38b0: openvpn: T3686: Fix for check local-address in script and tmpl.
Feb 17 2022, 7:58 PM
Viacheslav changed the status of T3600: DHCP Interface static route breaks PBR, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, from In progress to Needs testing.
Feb 17 2022, 7:58 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav changed the status of T3600: DHCP Interface static route breaks PBR from In progress to Needs testing.
Feb 17 2022, 7:58 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX4ecfd5d87c33: openvpn: T4230: Delete checks if local-host address assigned.
Feb 17 2022, 7:57 PM
Viacheslav closed T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus as Resolved.

@dutty Thanks for confirming.

Feb 17 2022, 7:18 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav created T4255: Unexpected print of dict bridge on delete.
Feb 17 2022, 4:36 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on from Open to In progress.
Feb 17 2022, 4:10 PM · VyOS 1.4 Sagitta
Viacheslav created T4254: VPN IPSec charon add options cisco_flexvpn and install_virtual_ip_on.
Feb 17 2022, 4:08 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID from In progress to Needs testing.
Feb 17 2022, 3:53 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXb99432ee2dc8: vrrp: T1972: Ability to set IP address on not vrrp interface.
Feb 17 2022, 2:22 PM
Viacheslav changed the status of T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus from Confirmed to Needs testing.
Feb 17 2022, 10:34 AM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus.

CI job for re-build pkg ocserv should fix this issue.

Feb 17 2022, 10:28 AM · VyOS 1.3 Equuleus ( 1.3.1)

Feb 16 2022

Viacheslav edited projects for T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Feb 16 2022, 11:26 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4197: Vyos arm64-latest build issue with telegraf pkg from Open to Needs testing.
Feb 16 2022, 11:25 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus.

Install official pkg solve the issue

wget http://ftp.de.debian.org/debian/pool/main/o/ocserv/ocserv_0.12.2-3_amd64.deb
dpkg -i *.deb
`
Feb 16 2022, 9:12 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4249: Add support for device mapping in containers.
Feb 16 2022, 8:44 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus.

Can be related
Found out some strange things, client address was banned:

ocserv[2072]: main: added 1 points (total 1) for IP '192.168.122.1' to ban list
Feb 16 2022, 7:14 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus from Open to Confirmed.
Feb 16 2022, 5:48 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus.

I don't see any issues with LTS 1.3.0

Feb 16 2022, 5:48 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4249: Add support for device mapping in containers.

Thanks
Is it required point of binding in a container?
For example:

podman run --rm -it --device=/dev/vdb:/dev/xvdc:rwm --net host ubuntu bash
Feb 16 2022, 4:17 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4249: Add support for device mapping in containers.

You can get access to host netwoks with set container name foo allow-host-networks

Feb 16 2022, 3:44 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1224

Feb 16 2022, 3:09 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav reopened T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID as "In progress".
Feb 16 2022, 2:57 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T4237: Conntrack-sync error - error adding listen-address command as Resolved.
Feb 16 2022, 1:58 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T973: Create Prometheus Exporter for VyOS .

@anthr76 we have ready telegraf exporter, maybe it will work for you?
https://docs.vyos.io/en/latest/configuration/service/monitoring.html

Feb 16 2022, 1:34 PM · VyOS Rolling, VyOS 1.5 Circinus
Viacheslav changed the subtype of T4248: There isn't a way to remove the only rule from the (traffic-policy) class. from "Task" to "Bug".
Feb 16 2022, 7:08 AM · VyOS 1.4 Sagitta (1.4.0-epa3)

Feb 15 2022

Viacheslav moved T1292: Issues while deleting all rules from a firewall from Open to Finished on the VyOS 1.4 Sagitta board.
Feb 15 2022, 10:12 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX283688fe52bd: conntrack-sync: T4237: Fix checks for listen-address list to str.
Feb 15 2022, 4:03 PM
Viacheslav moved T4237: Conntrack-sync error - error adding listen-address command from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.

PR for current https://github.com/vyos/vyos-1x/pull/1223

Feb 15 2022, 12:53 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav moved T3686: Bridging OpenVPN tap with no local-address breaks from Open to Finished on the VyOS 1.4 Sagitta board.
Feb 15 2022, 12:23 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav edited projects for T3686: Bridging OpenVPN tap with no local-address breaks, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus (1.3.0).

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1221

Feb 15 2022, 12:23 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Feb 14 2022

Viacheslav added a comment to T4239: static-host-mapping only working on ipv4 addresses.

In hosts we can see 2 entries:

vyos@r11-roll# run show conf com | match test
set system static-host-mapping host-name test1.com inet '1.1.1.1'
set system static-host-mapping host-name test2.com inet '2a00:1450:400f:802::200e'
Feb 14 2022, 7:57 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3977: dhcp-relay-agent uses "physical" IP instead of vrrp IP.

Task for kea T3316

Feb 14 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T1972: Allow setting interface name for virtual_ipaddress in VRRP VRID.

@Alexey.Kirillov it required more tests and responses from 1.4
Could you test it?

Feb 14 2022, 2:18 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta

Feb 13 2022

Viacheslav added a comment to T4241: ocserv openconnect looks broken in recent bulds of 1.3 Equuleus.

Which version?

Feb 13 2022, 5:07 PM · VyOS 1.3 Equuleus ( 1.3.1)

Feb 11 2022

Viacheslav committed rVYOSONEXc41c51e4ed7c: conntrack-sync: T4237: Fix checks for listen-address list to str.
Feb 11 2022, 5:45 PM
Viacheslav changed the status of T3686: Bridging OpenVPN tap with no local-address breaks from In progress to Needs testing.
Feb 11 2022, 1:39 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

@Scoopta Can you check your configuration with the next rolling release?

Feb 11 2022, 1:39 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav changed the status of T4236: Generate ovpn openvpn client configuration files from Open to Needs testing.
Feb 11 2022, 1:37 PM · VyOS 1.4 Sagitta
Viacheslav moved T3872: Add configurable telegraf monitoring service from Need Triage to Finished on the VyOS 1.3 Equuleus ( 1.3.1) board.
Feb 11 2022, 1:35 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav closed T3872: Add configurable telegraf monitoring service as Resolved.
Feb 11 2022, 1:35 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T4151: IPV6 local PBR Support.

@hensur Could you create a PR for 1.3?

Feb 11 2022, 1:34 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
Viacheslav closed T4234: Show firewall partly broken in 1.3.x as Resolved.
Feb 11 2022, 1:28 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a project to T4237: Conntrack-sync error - error adding listen-address command: VyOS 1.4 Sagitta.
Feb 11 2022, 1:25 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav edited projects for T4237: Conntrack-sync error - error adding listen-address command, added: VyOS 1.3 Equuleus ( 1.3.1); removed VyOS 1.3 Equuleus.
Feb 11 2022, 1:25 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T4237: Conntrack-sync error - error adding listen-address command.

PR https://github.com/vyos/vyos-1x/pull/1218

Feb 11 2022, 1:24 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav changed the status of T4237: Conntrack-sync error - error adding listen-address command from Open to In progress.
Feb 11 2022, 1:12 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav committed rVYOSONEX230ac0a202ac: openvpn: T3686: Fix for check local-address in script and tmpl.
Feb 11 2022, 6:18 AM
Viacheslav committed rVYOSONEX7f7be911b749: openvpn: T4236: Add generator for ovpn configurations in op-mode.
Feb 11 2022, 6:16 AM
Viacheslav committed rVYOSONEX19f65290529a: smoketest: T3872: Fix token check for monitoring test.
Feb 11 2022, 6:15 AM

Feb 10 2022

Viacheslav added a comment to T4236: Generate ovpn openvpn client configuration files.

PR https://github.com/vyos/vyos-1x/pull/1217

Feb 10 2022, 10:15 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4236: Generate ovpn openvpn client configuration files.
Feb 10 2022, 5:01 PM · VyOS 1.4 Sagitta
Viacheslav closed T4165: Custom conntrack rules cannot be deleted as Resolved.
Feb 10 2022, 3:54 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T3591: OpenVPN with/without VRF not working (NordVPN).

There is an example of a working configuration:

set interfaces openvpn vtun10 authentication password xxxxxx
set interfaces openvpn vtun10 authentication username xxxxxx
set interfaces openvpn vtun10 device-type 'tun'
set interfaces openvpn vtun10 encryption cipher 'aes256'
set interfaces openvpn vtun10 hash 'sha512'
set interfaces openvpn vtun10 mode 'client'
set interfaces openvpn vtun10 openvpn-option '--config /config/auth/nord/included_config.conf'
set interfaces openvpn vtun10 persistent-tunnel
set interfaces openvpn vtun10 protocol 'udp'
set interfaces openvpn vtun10 remote-host 'xxx.xxx.218.155'
set interfaces openvpn vtun10 remote-port '1194'
set interfaces openvpn vtun10 tls ca-cert-file xxxxxx
Feb 10 2022, 3:20 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4234: Show firewall partly broken in 1.3.x from Confirmed to Needs testing.
Feb 10 2022, 3:19 PM · VyOS 1.3 Equuleus ( 1.3.1)
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

PR https://github.com/vyos/vyos-1x/pull/1133

Feb 10 2022, 12:11 PM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav triaged T4234: Show firewall partly broken in 1.3.x as High priority.
Feb 10 2022, 7:37 AM · VyOS 1.3 Equuleus ( 1.3.1)

Feb 9 2022

Viacheslav updated subscribers of T4236: Generate ovpn openvpn client configuration files.
Feb 9 2022, 5:45 PM · VyOS 1.4 Sagitta
Viacheslav created T4236: Generate ovpn openvpn client configuration files.
Feb 9 2022, 5:45 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

PR https://github.com/vyos/vyos-1x/pull/1214

Feb 9 2022, 4:19 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

@Scoopta I can't get your configuration, how does should work without the declaration source or remote address?
There is a template that generates OpenVPN site-to-site configuration https://github.com/vyos/vyos-1x/blob/9910020ae6ef37964c97bb28b6b1d84f8227650b/data/templates/openvpn/server.conf.tmpl#L143-L147

Feb 9 2022, 2:57 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3686: Bridging OpenVPN tap with no local-address breaks.

To reproduce in 1.4

set interfaces bridge br3 member interface vtun2
set interfaces openvpn vtun2 device-type 'tap'
set interfaces openvpn vtun2 mode 'site-to-site'
set interfaces openvpn vtun2 persistent-tunnel
set interfaces openvpn vtun2 shared-secret-key 'foo'
set pki openvpn shared-secret foo key '190696ff2244ca9ce8d5bef8718c58881fe8df8e3519c8bf6ede49108c97a5d9456db648d8c5ca953bb19d21978527a742497426313e614640d037ffffa4980be315e193727ebfb28f3725b779e2d3309ad6f8c939363f7fc14a0080c81e3faf4b053661c81c3003ddabeb87ac8611b81718956b7325f03978c74f502b39965f0d788b21b4370f6a625e3098f8d71ff3e653f50c54b424c511cba78871b38337237830a34266aa9558cd69c68ded89f7f0a82f94b5b87200c7ea05edb14a806e9e4998b00dc2895d976c0e506a6a06056745bca6ce1d2a5c95a51a1460e3080c7743eecbcee9d2c4f89d9e1b59f44484e43591f43bf713255b5de13ae8500620'
set pki openvpn shared-secret foo version '1'

Commit:

Traceback (most recent call last):
  File "/usr/libexec/vyos/conf_mode/interfaces-openvpn.py", line 663, in <module>
    verify(c)
  File "/usr/libexec/vyos/conf_mode/interfaces-openvpn.py", line 228, in verify
    if len([addr for addr in openvpn['local_address'] if is_ipv4(addr)]) > 1:
KeyError: 'local_address'
Feb 9 2022, 1:50 PM · VyOS 1.3 Equuleus ( 1.3.1), VyOS 1.4 Sagitta
First
Prev
Next