diff options
-rw-r--r-- | docs/automation/terraform/terraformAWS.rst | 8 | ||||
-rw-r--r-- | docs/configuration/vpn/ipsec.rst | 3 |
2 files changed, 6 insertions, 5 deletions
diff --git a/docs/automation/terraform/terraformAWS.rst b/docs/automation/terraform/terraformAWS.rst index c705d55e..e068377d 100644 --- a/docs/automation/terraform/terraformAWS.rst +++ b/docs/automation/terraform/terraformAWS.rst @@ -26,16 +26,16 @@ Step by step: AWS - 1 Create an account with AWS and get your "access_key", "secret key" +1 Create an account with AWS and get your "access_key", "secret key" - 2 Create a key pair_ and download your .pem key +2 Create a key pair_ and download your .pem key .. image:: /_static/images/keypairs.png :width: 50% :align: center :alt: Network Topology Diagram - 3 Create a security group_ for the new VyOS instance and open all traffic +3 Create a security group_ for the new VyOS instance and open all traffic .. image:: /_static/images/sg.png :width: 50% @@ -263,7 +263,7 @@ If you need to delete the instance please type the command: Troubleshooting --------------- - 1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. +1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group. diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index 172b3c64..d33ae37e 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -32,6 +32,7 @@ for the cipher and hash. Adjust this as necessary. ************************************** IKE (Internet Key Exchange) Attributes ************************************** + IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security @@ -226,7 +227,7 @@ On the RIGHT, setup by analogy and swap local and remote addresses. Source tunnel from dummy interface -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +================================== The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a |