Problem: Create an IPsec tunnel from VyOS (dynamic IP) to FortiGate (static). The FortiGate supports a DYDNS FQDN on that side.
I have tried scripting a configuration change when the PPPoE interface comes up. My script works when I execute it from the command prompt, but not when it is run from /etc/ppp/ip-up.d/1000-vyos-pppoe-pppoe0.
For simplicity, I’m not passing in the local_ip_variable from pppd yet.
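```bash
# Calling script from 1000-vyos-pppoe-pppoe0
sg vyattacfg -c /etc/ppp/ip-up.d/test.sh
```

```bash
#!/bin/bash
# /etc/ppp/ip-up.d/test.sh
# Wrappers for operational-mode and configuration-mode commands
run=/opt/vyatta/bin/vyatta-op-cmd-wrapper
cfg=/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper
# Open a configuration session, set the tunnel's local address, commit, and close the session
$cfg begin
$cfg set vpn ipsec site-to-site peer <PEER_ADDRESS> local-address 5.5.5.5
$cfg commit
$cfg end
```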
I think it might be a permission issue, but I'm not sure how to proceed. I have tried different forms of the scripts and also calling it with sudo. The script is owned by the vyattacfg group and has the same permissions as the parent script.
```
-rwxr-xr-x 1 root vyattacfg 1273 Feb 15 00:05 1000-vyos-pppoe-pppoe0
-rwxr-xr-x 1 root vyattacfg 204 Feb 14 23:37 test.sh
```