diff options
author | Robert Göhler <github@ghlr.de> | 2020-01-04 14:12:53 +0100 |
---|---|---|
committer | Robert Göhler <github@ghlr.de> | 2020-01-04 14:12:53 +0100 |
commit | 52595595f76d85b20477b61a886a9ff09f17e604 (patch) | |
tree | b33d14410f79ee8c716f22bd765cf9722cd196cf /docs/vpn | |
parent | 156eef177980052027db572e4b60d984626e0081 (diff) | |
parent | a4fbdcf4b01c8a1806576bcd62a6f166b5645dc6 (diff) | |
download | vyos-documentation-52595595f76d85b20477b61a886a9ff09f17e604.tar.gz vyos-documentation-52595595f76d85b20477b61a886a9ff09f17e604.zip |
Merge branch 'master' into newdirectives
Diffstat (limited to 'docs/vpn')
-rw-r--r-- | docs/vpn/l2tp.rst | 9 | ||||
-rw-r--r-- | docs/vpn/openvpn.rst | 6 |
2 files changed, 6 insertions, 9 deletions
diff --git a/docs/vpn/l2tp.rst b/docs/vpn/l2tp.rst index 107a42d3..768e5acd 100644 --- a/docs/vpn/l2tp.rst +++ b/docs/vpn/l2tp.rst @@ -19,7 +19,6 @@ with native Windows and Mac VPN clients): set vpn ipsec nat-networks allowed-network 0.0.0.0/0 set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret @@ -27,8 +26,7 @@ with native Windows and Mac VPN clients): set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -In the example above an external IP of 192.0.2.2 is assumed. Nexthop IP address -192.168.255.1 uses as client tunnel termination point. +In the example above an external IP of 192.0.2.2 is assumed. If a local firewall policy is in place on your external interface you will need to allow the ports below: @@ -100,7 +98,6 @@ Below is an example to configure a LNS: .. code-block:: none set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access lns shared-secret 'secret' @@ -108,8 +105,7 @@ Below is an example to configure a LNS: set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -The example above uses 192.0.2.2 as external IP address, the nexthop is supposed -to be 192.168.255.1 and is used as client termination point. A LAC normally +The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` @@ -129,7 +125,6 @@ The rate-limit is set in kbit/sec. .. code-block:: none set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access authentication mode local diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst index 69961f0c..cbb89fbe 100644 --- a/docs/vpn/openvpn.rst +++ b/docs/vpn/openvpn.rst @@ -441,8 +441,8 @@ Options ======= We do not have CLI nodes for every single OpenVPN options. If an option is -missing, a feature request should be opened at https://phabricator.vyos.net so -all users can benefit from it. +missing, a feature request should be opened at Phabricator_ so all users can +benefit from it (see :ref:`issues_features`). If you are a hacker or want to try on your own we support passing raw OpenVPN options to OpenVPN. @@ -460,3 +460,5 @@ Will add ``push "keepalive 1 10"`` to the generated OpenVPN config file. .. note:: Sometimes option lines in the generated OpenVPN configurarion require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement. + +.. include:: ../common-references.rst |