Thought it was time to give back to the VyOS community, what I have learned and gotten working, through lots of (sometimes painful) testing.
This is the working config (sanitised), in command form, for an IPSEC VPN between VyOS 1.1.8 and an Edgerouter. The same config will work between two VyOS end points with some minor modifications.
Also ikev2 had issues on VyOS 1.1.8, I have since upgraded the version of VyOS to 1.2.0 and ikev2 seems to work well!
set vpn ipsec ipsec-interfaces interface 'eth0'
set vpn ipsec nat-traversal 'enable'
set vpn ipsec auto-update '60'
set vpn ipsec esp-group esp_1 compression disable
set vpn ipsec esp-group esp_1 lifetime 1800
set vpn ipsec esp-group esp_1 mode tunnel
set vpn ipsec esp-group esp_1 pfs disable
set vpn ipsec esp-group esp_1 proposal 1 encryption aes256
set vpn ipsec esp-group esp_1 proposal 1 hash sha1
set vpn ipsec ike-group ike_1 dead-peer-detection action restart
set vpn ipsec ike-group ike_1 dead-peer-detection interval 30
set vpn ipsec ike-group ike_1 dead-peer-detection timeout 120
set vpn ipsec ike-group ike_1 ikev2-reauth no
set vpn ipsec ike-group ike_1 key-exchange ikev1
set vpn ipsec ike-group ike_1 lifetime 3600
set vpn ipsec ike-group ike_1 proposal 1 dh-group 2
set vpn ipsec ike-group ike_1 proposal 1 encryption aes256
set vpn ipsec ike-group ike_1 proposal 1 hash sha1
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' authentication id '@your-local-id'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' authentication remote-id '@your-remote-id'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' authentication pre-shared-secret 'insert-PSK-here'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' connection-type 'initiate'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' default-esp-group 'esp_1'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' ike-group 'ike_1'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' local-address 'local-IP-address-of-VYOS'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' tunnel 1 local prefix 'local-subnet'
set vpn ipsec site-to-site peer 'Public-IP-Edgerouter' tunnel 1 remote prefix 'remote-subnet'