summaryrefslogtreecommitdiff
path: root/docs/configuration
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@vyos.io>2022-09-08 12:09:47 +0100
committerGitHub <noreply@github.com>2022-09-08 12:09:47 +0100
commitadbffa6d475a7ebf6972468ad6f86df90520aa65 (patch)
tree428ba2e1a5fa8b34971cceb9f8391c1ac0d5d444 /docs/configuration
parent86f8017a80b1159ff13303615a03a787d97bfdd7 (diff)
parentda88a7dadcb1be9c6c9145b1376f1a9f2cb855f2 (diff)
downloadvyos-documentation-adbffa6d475a7ebf6972468ad6f86df90520aa65.tar.gz
vyos-documentation-adbffa6d475a7ebf6972468ad6f86df90520aa65.zip
Merge pull request #849 from srividya0208/ipsec-interfaces
ipsec-interface: syntax correction
Diffstat (limited to 'docs/configuration')
-rw-r--r--docs/configuration/interfaces/l2tpv3.rst2
-rw-r--r--docs/configuration/loadbalancing/index.rst2
-rw-r--r--docs/configuration/nat/nat44.rst2
-rw-r--r--docs/configuration/system/acceleration.rst6
-rw-r--r--docs/configuration/vpn/dmvpn.rst4
-rw-r--r--docs/configuration/vpn/ipsec.rst2
-rw-r--r--docs/configuration/vpn/l2tp.rst4
-rw-r--r--docs/configuration/vpn/site2site_ipsec.rst8
8 files changed, 15 insertions, 15 deletions
diff --git a/docs/configuration/interfaces/l2tpv3.rst b/docs/configuration/interfaces/l2tpv3.rst
index ca0ce2c9..191158b7 100644
--- a/docs/configuration/interfaces/l2tpv3.rst
+++ b/docs/configuration/interfaces/l2tpv3.rst
@@ -141,7 +141,7 @@ IPSec:
.. code-block:: none
- set vpn ipsec ipsec-interfaces <VPN-interface>
+ set vpn ipsec interface <VPN-interface>
set vpn ipsec esp-group test-ESP-1 compression 'disable'
set vpn ipsec esp-group test-ESP-1 lifetime '3600'
set vpn ipsec esp-group test-ESP-1 mode 'transport'
diff --git a/docs/configuration/loadbalancing/index.rst b/docs/configuration/loadbalancing/index.rst
index 36a69f89..5034547b 100644
--- a/docs/configuration/loadbalancing/index.rst
+++ b/docs/configuration/loadbalancing/index.rst
@@ -13,7 +13,7 @@ the routing table and balances traffic across the configured interfaces,
determined by interface health and weight.
-In a minimal, configuration the following must be provided:
+In a minimal configuration, the following must be provided:
* an interface with a nexthop
* one rule with a LAN (inbound-interface) and the WAN (interface).
diff --git a/docs/configuration/nat/nat44.rst b/docs/configuration/nat/nat44.rst
index 02aa4ece..62964fea 100644
--- a/docs/configuration/nat/nat44.rst
+++ b/docs/configuration/nat/nat44.rst
@@ -684,7 +684,7 @@ external interface in the image above)
set vpn ipsec esp-group my-esp proposal 1 encryption 'aes256'
set vpn ipsec esp-group my-esp proposal 1 hash 'sha256'
- set vpn ipsec ipsec-interfaces interface 'eth1'
+ set vpn ipsec interface 'eth1'
IPSec VPN Tunnels
"""""""""""""""""
diff --git a/docs/configuration/system/acceleration.rst b/docs/configuration/system/acceleration.rst
index 4c595022..62b85c71 100644
--- a/docs/configuration/system/acceleration.rst
+++ b/docs/configuration/system/acceleration.rst
@@ -69,7 +69,7 @@ Side A:
set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '14'
set vpn ipsec ike-group MyIKEGroup proposal 1 encryption 'aes256'
set vpn ipsec ike-group MyIKEGroup proposal 1 hash 'sha256'
- set vpn ipsec ipsec-interfaces interface 'eth0'
+ set vpn ipsec interface 'eth0'
set vpn ipsec site-to-site peer 10.10.10.1 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 10.10.10.1 authentication pre-shared-secret 'Qwerty123'
set vpn ipsec site-to-site peer 10.10.10.1 connection-type 'initiate'
@@ -88,7 +88,7 @@ Side B:
set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '14'
set vpn ipsec ike-group MyIKEGroup proposal 1 encryption 'aes256'
set vpn ipsec ike-group MyIKEGroup proposal 1 hash 'sha256'
- set vpn ipsec ipsec-interfaces interface 'eth0'
+ set vpn ipsec interface 'eth0'
set vpn ipsec site-to-site peer 10.10.10.2 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 10.10.10.2 authentication pre-shared-secret 'Qwerty123'
set vpn ipsec site-to-site peer 10.10.10.2 connection-type 'initiate'
@@ -143,4 +143,4 @@ increases.
[ 9] 0.00-10.01 sec 925 MBytes 775 Mbits/sec receiver
-.. _`IntelĀ® QAT`: https://www.intel.com/content/www/us/en/architecture-and-technology/intel-quick-assist-technology-overview.html \ No newline at end of file
+.. _`IntelĀ® QAT`: https://www.intel.com/content/www/us/en/architecture-and-technology/intel-quick-assist-technology-overview.html
diff --git a/docs/configuration/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst
index 50563e8b..66fc79da 100644
--- a/docs/configuration/vpn/dmvpn.rst
+++ b/docs/configuration/vpn/dmvpn.rst
@@ -218,7 +218,7 @@ Hub
set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128'
set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1'
- set vpn ipsec ipsec-interfaces interface 'eth0'
+ set vpn ipsec interface 'eth0'
set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret'
set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret'
@@ -328,7 +328,7 @@ VyOS can also run in DMVPN spoke mode.
set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128'
set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1'
- set vpn ipsec ipsec-interfaces interface 'eth0'
+ set vpn ipsec interface 'eth0'
set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret'
set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret'
diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst
index 693f3ec6..d1ea7bbc 100644
--- a/docs/configuration/vpn/ipsec.rst
+++ b/docs/configuration/vpn/ipsec.rst
@@ -198,7 +198,7 @@ On the LEFT:
set interfaces tunnel tun0 address 10.10.10.1/30
## IPsec
- set vpn ipsec ipsec-interfaces interface eth0
+ set vpn ipsec interface eth0
# IKE group
set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '2'
diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst
index 411b7b5e..8dc34ee4 100644
--- a/docs/configuration/vpn/l2tp.rst
+++ b/docs/configuration/vpn/l2tp.rst
@@ -14,7 +14,7 @@ with native Windows and Mac VPN clients):
.. code-block:: none
- set vpn ipsec ipsec-interfaces interface eth0
+ set vpn ipsec interface eth0
set vpn l2tp remote-access outside-address 192.0.2.2
set vpn l2tp remote-access client-ip-pool start 192.168.255.2
@@ -24,7 +24,7 @@ with native Windows and Mac VPN clients):
set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username test password 'test'
-In the example above an external IP of 192.0.2.2 is assumed.
+In the above example, an external IP of 192.0.2.2 is assumed.
If a local firewall policy is in place on your external interface you will need
to allow the ports below:
diff --git a/docs/configuration/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst
index 2fa59dc1..fdcd3385 100644
--- a/docs/configuration/vpn/site2site_ipsec.rst
+++ b/docs/configuration/vpn/site2site_ipsec.rst
@@ -181,7 +181,7 @@ Example:
set vpn ipsec ike-group office-srv-ike lifetime '3600'
set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256'
set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1'
- set vpn ipsec ipsec-interfaces interface 'eth1'
+ set vpn ipsec interface 'eth1'
set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 203.0.113.2 authentication pre-shared-secret 'SomePreSharedKey'
set vpn ipsec site-to-site peer 203.0.113.2 ike-group 'office-srv-ike'
@@ -204,7 +204,7 @@ Example:
set vpn ipsec ike-group office-srv-ike lifetime '3600'
set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256'
set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1'
- set vpn ipsec ipsec-interfaces interface 'eth1'
+ set vpn ipsec interface 'eth1'
set vpn ipsec site-to-site peer 198.51.100.3 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 198.51.100.3 authentication pre-shared-secret 'SomePreSharedKey'
set vpn ipsec site-to-site peer 198.51.100.3 ike-group 'office-srv-ike'
@@ -305,7 +305,7 @@ Imagine the following topology
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256'
- set vpn ipsec ipsec-interfaces interface 'eth0.201'
+ set vpn ipsec interface 'eth0.201'
set vpn ipsec site-to-site peer 172.18.202.10 authentication id '172.18.201.10'
set vpn ipsec site-to-site peer 172.18.202.10 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 172.18.202.10 authentication pre-shared-secret 'secretkey'
@@ -339,7 +339,7 @@ Imagine the following topology
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256'
- set vpn ipsec ipsec-interfaces interface 'eth0.202'
+ set vpn ipsec interface 'eth0.202'
set vpn ipsec site-to-site peer 172.18.201.10 authentication id '172.18.202.10'
set vpn ipsec site-to-site peer 172.18.201.10 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer 172.18.201.10 authentication pre-shared-secret 'secretkey'