summaryrefslogtreecommitdiff
path: root/docs/vpn
diff options
context:
space:
mode:
authorRobert Göhler <github@ghlr.de>2020-01-04 14:12:53 +0100
committerRobert Göhler <github@ghlr.de>2020-01-04 14:12:53 +0100
commit52595595f76d85b20477b61a886a9ff09f17e604 (patch)
treeb33d14410f79ee8c716f22bd765cf9722cd196cf /docs/vpn
parent156eef177980052027db572e4b60d984626e0081 (diff)
parenta4fbdcf4b01c8a1806576bcd62a6f166b5645dc6 (diff)
downloadvyos-documentation-52595595f76d85b20477b61a886a9ff09f17e604.tar.gz
vyos-documentation-52595595f76d85b20477b61a886a9ff09f17e604.zip
Merge branch 'master' into newdirectives
Diffstat (limited to 'docs/vpn')
-rw-r--r--docs/vpn/l2tp.rst9
-rw-r--r--docs/vpn/openvpn.rst6
2 files changed, 6 insertions, 9 deletions
diff --git a/docs/vpn/l2tp.rst b/docs/vpn/l2tp.rst
index 107a42d3..768e5acd 100644
--- a/docs/vpn/l2tp.rst
+++ b/docs/vpn/l2tp.rst
@@ -19,7 +19,6 @@ with native Windows and Mac VPN clients):
set vpn ipsec nat-networks allowed-network 0.0.0.0/0
set vpn l2tp remote-access outside-address 192.0.2.2
- set vpn l2tp remote-access outside-nexthop 192.168.255.1
set vpn l2tp remote-access client-ip-pool start 192.168.255.2
set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
@@ -27,8 +26,7 @@ with native Windows and Mac VPN clients):
set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username test password 'test'
-In the example above an external IP of 192.0.2.2 is assumed. Nexthop IP address
-192.168.255.1 uses as client tunnel termination point.
+In the example above an external IP of 192.0.2.2 is assumed.
If a local firewall policy is in place on your external interface you will need
to allow the ports below:
@@ -100,7 +98,6 @@ Below is an example to configure a LNS:
.. code-block:: none
set vpn l2tp remote-access outside-address 192.0.2.2
- set vpn l2tp remote-access outside-nexthop 192.168.255.1
set vpn l2tp remote-access client-ip-pool start 192.168.255.2
set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
set vpn l2tp remote-access lns shared-secret 'secret'
@@ -108,8 +105,7 @@ Below is an example to configure a LNS:
set vpn l2tp remote-access authentication mode local
set vpn l2tp remote-access authentication local-users username test password 'test'
-The example above uses 192.0.2.2 as external IP address, the nexthop is supposed
-to be 192.168.255.1 and is used as client termination point. A LAC normally
+The example above uses 192.0.2.2 as external IP address. A LAC normally
requires an authentication password, which is set in the example configuration
to ``lns shared-secret 'secret'``. This setup requires the Compression Control
Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable``
@@ -129,7 +125,6 @@ The rate-limit is set in kbit/sec.
.. code-block:: none
set vpn l2tp remote-access outside-address 192.0.2.2
- set vpn l2tp remote-access outside-nexthop 192.168.255.1
set vpn l2tp remote-access client-ip-pool start 192.168.255.2
set vpn l2tp remote-access client-ip-pool stop 192.168.255.254
set vpn l2tp remote-access authentication mode local
diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst
index 69961f0c..cbb89fbe 100644
--- a/docs/vpn/openvpn.rst
+++ b/docs/vpn/openvpn.rst
@@ -441,8 +441,8 @@ Options
=======
We do not have CLI nodes for every single OpenVPN options. If an option is
-missing, a feature request should be opened at https://phabricator.vyos.net so
-all users can benefit from it.
+missing, a feature request should be opened at Phabricator_ so all users can
+benefit from it (see :ref:`issues_features`).
If you are a hacker or want to try on your own we support passing raw OpenVPN
options to OpenVPN.
@@ -460,3 +460,5 @@ Will add ``push "keepalive 1 10"`` to the generated OpenVPN config file.
.. note:: Sometimes option lines in the generated OpenVPN configurarion require
quotes. This is done through a hack on our config generator. You can pass
quotes using the ``&quot;`` statement.
+
+.. include:: ../common-references.rst