summaryrefslogtreecommitdiff
path: root/src/conf_mode/vpn_openconnect.py
AgeCommit message (Collapse)Author
2023-02-22openconnect: T5023: Conf script missing optional config parametersarthurdev
2023-02-12T5001: Replace links to the phabricator siteChristian Breunig
Replace links to the phabricator site from https://phabricator.vyos.net to https://vyos.dev
2023-01-28openconnect: T4955: Removed wrong acctserver in radiusclient.confJamie Austin
Removes port key from accounting server merged config dictionary.
2023-01-28T4958: ocserv: openconnect: refactor RADIUS accounting supportJamie Austin
2023-01-28T4958: ocserv: openconnect: adds support for configuring RADIUS accountingJamie Austin
Adds CLI configuration options to configure RADIUS accounting for OpenConnect VPN sessions. This functionality cannot be used outside of the RADIUS OpenConnect VPN authentication mode
2023-01-26openconnect: T4955: Removed wrong authserver in radiusclient.confaapostoliuk
After merging config dictionary with default values, radius port the default value was merged not in a proper way. It is added as a server. After creating radiusclient.conf added and the illegal authserver equal 'port'.
2022-12-07T4861: Openconnect replace restart to reload-or-restartViacheslav Hletenko
Every change in openconnect restarts the ocserv.service Replace "restart" to "reload-or-restart" to avoid disconnect clients during change configs
2022-12-05Merge pull request #1693 from sever-sever/T4860Christian Poessinger
T4860: Verify if mode in openconnect ocserv dict
2022-12-04T4860: Verify if mode in openconnect ocserv dictViacheslav Hletenko
openconnect authentication mode must be set check dict that 'mode' exists in openconnect authentication
2022-12-04T4848: Fix for default route vpn openconnectViacheslav Hletenko
ocserv template expects list of routes but gets str "default" it cause wrong routes like: route = d route = e route = f route = a route = u route = l route = t Fix it
2022-09-16ocserv: T4656: use "0.0.0.0" defaultValue via XML definition"Christian Poessinger
2022-09-16ocserv: openconnect: T4656: add listen-address CLI optionDemon_H
This will set the listen-host ocserv configuration option.
2022-09-15Merge pull request #1477 from sempervictus/feature/ocserv_groupsViacheslav Hletenko
T3896(adjacent): Fix ocserv local user requirement, add groupconfig
2022-08-20ocserv: T4597: Fix check bounded port by service itselfViacheslav Hletenko
We check listen port before commit service if is port available and not bounded, but when we start openconnect our own port starts be bounded by "ocserv-main" process and next commit will be fail as port is already bound To fix it, extend check if port already bonded and it is not our self process "ocserv-main"
2022-08-18T3896: Drop cserv local user req, add groupconfigRageLtMan
From ocserv documentation: ``` If the groupconfig option is set, then config-per-user will be overriden, and all configuration will be read from radius. That also includes the Acct-Interim-Interval, and Session-Timeout values. ``` Implement yes/no configuration and parameter handling during jinja rendering. Fix bug wherein openconnect-server configuration requires creation of local user accounts even when RADIUS authentication is used. Testing: Set the groupconfig=yes param and observed change in generated /run/ocserv/ocserv.conf. Removed the local users via `delete vpn openconnect authentication local-users` and observed commit & service operation
2022-08-05ocserv: T4597: Check bind port before openconnect commitViacheslav Hletenko
Check if openconnect listen port is available and not used by another service
2022-05-01openconnect: T4353: fix Jinja2 linting errorsChristian Poessinger
2022-04-09ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-03-16ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2021-12-01openconnect: T3695: Add systemd service checker on commitDmitriyEshenko
2021-07-20pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configurationsarthurdev
2021-04-30openconnect: T3461: Delete CA crt file checkssever-sever
2020-11-27vyos.template: T2720: always enable Jinja2 trim_blocks featureChristian Poessinger
2020-09-09openconnect: T2036: Move CLI commands under vpn openconnectDmitriyEshenko