diff options
Diffstat (limited to 'data/templates/openvpn')
| -rw-r--r-- | data/templates/openvpn/client.conf.tmpl | 2 | ||||
| -rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 14 |
2 files changed, 10 insertions, 6 deletions
diff --git a/data/templates/openvpn/client.conf.tmpl b/data/templates/openvpn/client.conf.tmpl index fd3d3e68d..62387ef7c 100644 --- a/data/templates/openvpn/client.conf.tmpl +++ b/data/templates/openvpn/client.conf.tmpl @@ -13,7 +13,6 @@ push "route {{ route | address_from_cidr }} {{ route | netmask_from_cidr }}" iroute {{ network | address_from_cidr }} {{ network | netmask_from_cidr }} {% endfor %} {% endif %} - {# ipv6_remote is only set when IPv6 server is enabled #} {% if ipv6_remote %} # IPv6 @@ -27,7 +26,6 @@ push "route-ipv6 {{ route6 }}" iroute {{ net6 }} {% endfor %} {% endif %} - {% if disable is defined %} disable {% endif %} diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index e8f7c3ab8..a510c3a84 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -13,7 +13,13 @@ dev-type {{ device_type }} dev {{ ifname }} persist-key iproute /usr/libexec/vyos/system/unpriv-ip -proto {{ protocol }} +{% if protocol == 'tcp-active' %} +proto tcp6-client +{% elif protocol == 'tcp-passive' %} +proto tcp6-server +{% else %} +proto udp6 +{% endif %} {% if local_host is defined and local_host is not none %} local {{ local_host }} {% endif %} @@ -65,7 +71,7 @@ topology p2p {% elif server.topology is defined and server.topology is not none %} topology {{ server.topology }} {% endif %} -{% for subnet in server.subnet if subnet | ipv4 %} +{% for subnet in server.subnet if subnet | is_ipv4 %} server {{ subnet | address_from_cidr }} {{ subnet | netmask_from_cidr }} nopool {# OpenVPN assigns the first IP address to its local interface so the pool used #} {# in net30 topology - where each client receives a /30 must start from the second subnet #} @@ -130,12 +136,12 @@ push "dhcp-option DNS6 {{ ns6 }}" ping {{ keep_alive.interval }} ping-restart {{ keep_alive.failure_count }} -{% for laddr, laddr_conf in local_address.items() if laddr | ipv4 %} +{% for laddr, laddr_conf in local_address.items() if laddr | is_ipv4 %} {% if laddr_conf is defined and laddr_conf.subnet_mask is defined and laddr_conf.subnet_mask is not none %} ifconfig {{ laddr }} {{ laddr_conf.subnet_mask }} {% else %} {% for raddr in remote_address %} -{% if raddr | ipv4 %} +{% if raddr | is_ipv4 %} ifconfig {{ laddr }} {{ raddr }} {% else %} ifconfig-ipv6 {{ laddr }} {{ raddr }} |