Shut IPSec tunnel

avdvyver · February 23, 2018, 12:57pm

Hi,

On my VyOS router (virtual appliance) I am terminating multiple IPSec tunnels. What would be the correct procedure to shut one of the tunnels for whatever reason? I know I can disable the vti but this just disconnects the BGP session and the tunnel stays up because:

set vpn ipsec ipsec-interfaces interface 'eth0'

Is there any way that can shut an individual tunnel?

Thanks

chrisg · July 9, 2018, 3:58am

In my lab I was able to shutdown an individual IPSEC tunnel with the following command:

set vpn ipsec site-to-site peer 192.168.10.53 tunnel 1 disable

The other tunnels remained up.

avdvyver · July 9, 2018, 7:29am

Hi Chris, thanks for the feedback. I tried your suggestion but unfortunately it fails to commit with the below:

VPN configuration error: Both Vti and tunnel(s) configured for peer x.x.x.x