summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEshenko Dmitriy <dmitriy.eshenko@vyos.io>2020-11-30 17:23:13 +0300
committerGitHub <noreply@github.com>2020-11-30 17:23:13 +0300
commit904bc5cbaeb2567d09b44bd5453b9db340a7d530 (patch)
treed0acbad7cceffc070b9b293f046e2582f49ff855
parent7710c7e959bffdcbdabef559dc0d89e2d4befbd5 (diff)
downloadvyos-documentation-904bc5cbaeb2567d09b44bd5453b9db340a7d530.tar.gz
vyos-documentation-904bc5cbaeb2567d09b44bd5453b9db340a7d530.zip
Change IPSec ESP mode from tunnel to transport to fix issue when Spokes behind a NAT
-rw-r--r--docs/vpn/dmvpn.rst4
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/vpn/dmvpn.rst b/docs/vpn/dmvpn.rst
index 5100b92f..662165a9 100644
--- a/docs/vpn/dmvpn.rst
+++ b/docs/vpn/dmvpn.rst
@@ -199,7 +199,7 @@ Hub
set vpn ipsec esp-group ESP-HUB compression 'disable'
set vpn ipsec esp-group ESP-HUB lifetime '1800'
- set vpn ipsec esp-group ESP-HUB mode 'tunnel'
+ set vpn ipsec esp-group ESP-HUB mode 'transport'
set vpn ipsec esp-group ESP-HUB pfs 'dh-group2'
set vpn ipsec esp-group ESP-HUB proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-HUB proposal 1 hash 'sha1'
@@ -307,7 +307,7 @@ VyOS can also run in DMVPN spoke mode.
set vpn ipsec esp-group ESP-HUB compression 'disable'
set vpn ipsec esp-group ESP-HUB lifetime '1800'
- set vpn ipsec esp-group ESP-HUB mode 'tunnel'
+ set vpn ipsec esp-group ESP-HUB mode 'transport'
set vpn ipsec esp-group ESP-HUB pfs 'dh-group2'
set vpn ipsec esp-group ESP-HUB proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-HUB proposal 1 hash 'sha1'