summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/interfaces/bridging.rst7
-rw-r--r--docs/vpn/dmvpn.rst9
2 files changed, 9 insertions, 7 deletions
diff --git a/docs/interfaces/bridging.rst b/docs/interfaces/bridging.rst
index e42d76ad..0adc9263 100644
--- a/docs/interfaces/bridging.rst
+++ b/docs/interfaces/bridging.rst
@@ -10,8 +10,8 @@ we will be creating a bridge for VLAN 100 and assigning a VIF to the bridge.
.. code-block:: sh
set interfaces bridge 'br100'
- ~~set interfaces ethernet eth1 vif 100 bridge-group bridge br100~~
- set interfaces bridge br100 member interface eth1
+ set interfaces ethernet eth1 vif 100
+ set interfaces bridge br100 member interface eth1.100
Interfaces assigned to a bridge-group do not have address configuration. An IP
address can be assigned to the bridge interface itself, however, like any
@@ -34,9 +34,6 @@ Example Result:
ethernet eth1 {
[...]
vif 100 {
- bridge-group {
- bridge br100
- }
}
}
diff --git a/docs/vpn/dmvpn.rst b/docs/vpn/dmvpn.rst
index 5b206c57..e53a013a 100644
--- a/docs/vpn/dmvpn.rst
+++ b/docs/vpn/dmvpn.rst
@@ -36,7 +36,7 @@ Baseline Configuration:
The tunnel will be set to mGRE if for encapsulation `gre` is set, and no
`remote-ip` is set. If the public ip is provided by DHCP the tunnel `local-ip`
-can be set to "0.0.0.0"
+can be set to "0.0.0.0". If you do set the `remote-ip` directive at any point, the interface will need to be `delete`'d from the config and recreated without the `remote-ip` config ever being set.
.. figure:: ../_static/images/vpn_dmvpn_topology01.png
:scale: 40 %
@@ -160,6 +160,11 @@ HUB Example Configuration:
set protocols static route 0.0.0.0/0 next-hop 1.1.1.2
set protocols static route 192.168.2.0/24 next-hop 10.0.0.2
set protocols static route 192.168.3.0/24 next-hop 10.0.0.3
+
+HUB on AWS Configuration Specifics
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Setting this up on AWS will require a "Custom Protocol Rule" for protocol number "47" (GRE) Allow Rule in TWO places. Firstly on the VPC Network ACL, and secondly on the security group network ACL attached to the EC2 instance. This has been tested as working for the offical AMI image on the AWS Marketplace. (Locate the correct VPC and security group by navigating through the details pane below your EC2 instance in the AWS console)
SPOKE Configuration
^^^^^^^^^^^^^^^^^^^
@@ -412,4 +417,4 @@ SPOKE2 Example Configuration
.. _RFC2332: https://tools.ietf.org/html/rfc2332
.. _RFC1702: https://tools.ietf.org/html/rfc1702
-.. _RFC4301: https://tools.ietf.org/html/rfc4301 \ No newline at end of file
+.. _RFC4301: https://tools.ietf.org/html/rfc4301