diff options
author | Eshenko Dmitriy <dmitriy.eshenko@vyos.io> | 2020-11-30 17:23:13 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-30 17:23:13 +0300 |
commit | 904bc5cbaeb2567d09b44bd5453b9db340a7d530 (patch) | |
tree | d0acbad7cceffc070b9b293f046e2582f49ff855 | |
parent | 7710c7e959bffdcbdabef559dc0d89e2d4befbd5 (diff) | |
download | vyos-documentation-904bc5cbaeb2567d09b44bd5453b9db340a7d530.tar.gz vyos-documentation-904bc5cbaeb2567d09b44bd5453b9db340a7d530.zip |
Change IPSec ESP mode from tunnel to transport to fix issue when Spokes behind a NAT
-rw-r--r-- | docs/vpn/dmvpn.rst | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/vpn/dmvpn.rst b/docs/vpn/dmvpn.rst index 5100b92f..662165a9 100644 --- a/docs/vpn/dmvpn.rst +++ b/docs/vpn/dmvpn.rst @@ -199,7 +199,7 @@ Hub set vpn ipsec esp-group ESP-HUB compression 'disable' set vpn ipsec esp-group ESP-HUB lifetime '1800' - set vpn ipsec esp-group ESP-HUB mode 'tunnel' + set vpn ipsec esp-group ESP-HUB mode 'transport' set vpn ipsec esp-group ESP-HUB pfs 'dh-group2' set vpn ipsec esp-group ESP-HUB proposal 1 encryption 'aes256' set vpn ipsec esp-group ESP-HUB proposal 1 hash 'sha1' @@ -307,7 +307,7 @@ VyOS can also run in DMVPN spoke mode. set vpn ipsec esp-group ESP-HUB compression 'disable' set vpn ipsec esp-group ESP-HUB lifetime '1800' - set vpn ipsec esp-group ESP-HUB mode 'tunnel' + set vpn ipsec esp-group ESP-HUB mode 'transport' set vpn ipsec esp-group ESP-HUB pfs 'dh-group2' set vpn ipsec esp-group ESP-HUB proposal 1 encryption 'aes256' set vpn ipsec esp-group ESP-HUB proposal 1 hash 'sha1' |