I'm setting up a Site-to-Site VPN which currently is configure for a PSK, and needs to be aggressive mode.
I've enabled
i_dont_care_about_security_and_use_aggressive_mode_psk = yes
and manually added
aggressive = yes
to /etc/ipsec.conf
The tunnel comes up successfully and works as expected....until the router restarts.
Then the config change to ipsec.conf reverts itself.
I've torn down the VPN config, and now going to be testing just adding
set vpn ipsec include-ipsec-conf /config/ipsec.conf
(/config/ipsec.conf holding my modified config file with the aggressive=yes)
to see if my ipsec config can be imported and establish the tunnel.
Any other suggestions? I'm testing this out later tonight.