I am working on a project to setup a HA VPN endpoint and came across vyos. Vyos looks like a super useful tool but for my use case it would only be terminating remote access VPNs. Are there any significant benefits to using vyos as opposed to dedicated strongswan servers?
To throw something else in here real quick, at first glance it looks like the CLI doesn’t provide a means to configure all of the options for ipsec.conf that I am currently using in my test strongswan setup. Is it acceptable to directly edit the ipsec.conf file on the vyos? I was looking at some examples here ( https://github.com/vyos/vyos-strongswan ) and it looks like that is what they were doing for the different scenarios. However, I noticed that any modification of the VPN config through the CLI overwrites the strongswan configurations.