summaryrefslogtreecommitdiff
path: root/docs/configuration
diff options
context:
space:
mode:
Diffstat (limited to 'docs/configuration')
-rw-r--r--docs/configuration/interfaces/macsec.rst20
-rw-r--r--docs/configuration/pki/index.rst4
-rw-r--r--docs/configuration/policy/examples.rst2
-rw-r--r--docs/configuration/protocols/bgp.rst16
-rw-r--r--docs/configuration/vpn/openconnect.rst2
-rw-r--r--docs/configuration/vpn/sstp.rst3
6 files changed, 22 insertions, 25 deletions
diff --git a/docs/configuration/interfaces/macsec.rst b/docs/configuration/interfaces/macsec.rst
index 544bd4fc..338ad3ae 100644
--- a/docs/configuration/interfaces/macsec.rst
+++ b/docs/configuration/interfaces/macsec.rst
@@ -53,11 +53,12 @@ individual peers.
.. cfgcmd:: set interfaces macsec <interface> security mka cak <key>
IEEE 802.1X/MACsec pre-shared key mode. This allows configuring MACsec with
- a pre-shared key using a (CAK,CKN) pair.
+ a pre-shared key using a :abbr:`CAK (MACsec connectivity association key)` and
+ :abbr:`CKN (MACsec connectivity association name)` pair.
.. cfgcmd:: set interfaces macsec <interface> security mka ckn <key>
- CAK Name
+ :abbr:`CKN (MACsec connectivity association name)` key
.. cfgcmd:: set interfaces macsec <interface> security mka priority <priority>
@@ -80,28 +81,27 @@ Replay protection
Operation
*********
-.. opcmd:: run generate macsec mka-cak
+.. opcmd:: run generate macsec mka cak <gcm-aes-128|gcm-aes-256>
- Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key
+ Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key 128 or 256 bits.
.. code-block:: none
- vyos@vyos:~$ generate macsec mka-cak
+ vyos@vyos:~$ generate macsec mka cak gcm-aes-128
20693b6e08bfa482703a563898c9e3ad
+.. opcmd:: run generate macsec mka ckn
-.. opcmd:: run generate macsec mka-ckn
-
- Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key
+ Generate :abbr:`MKA (MACsec Key Agreement protocol)` CAK key.
.. code-block:: none
- vyos@vyos:~$ generate macsec mka-ckn
+ vyos@vyos:~$ generate macsec mka ckn
88737efef314ee319b2cbf30210a5f164957d884672c143aefdc0f5f6bc49eb2
.. opcmd:: show interfaces macsec
- List all MACsec interfaces
+ List all MACsec interfaces.
.. code-block:: none
diff --git a/docs/configuration/pki/index.rst b/docs/configuration/pki/index.rst
index b46f821c..e83272f5 100644
--- a/docs/configuration/pki/index.rst
+++ b/docs/configuration/pki/index.rst
@@ -272,7 +272,7 @@ also to display them.
Show only information for specified Certificate Authority.
-.. opcmd:: show pki certificates
+.. opcmd:: show pki certificate
Show a list of installed certificates
@@ -285,7 +285,7 @@ also to display them.
ac2 Server CN=ac2.vyos.net CN=R3 2021-07-05 07:29:59 2021-10-03 07:29:58 No Yes Yes (R3)
rw_server Server CN=VyOS RW CN=VyOS RW CA 2021-07-05 13:48:02 2022-07-05 13:48:02 No Yes Yes (vyos_rw)
-.. opcmd:: show pki certificates <name>
+.. opcmd:: show pki certificate <name>
Show only information for specified certificate.
diff --git a/docs/configuration/policy/examples.rst b/docs/configuration/policy/examples.rst
index c83e5f64..2d44f4bc 100644
--- a/docs/configuration/policy/examples.rst
+++ b/docs/configuration/policy/examples.rst
@@ -11,7 +11,7 @@ BGP Example
set policy route-map setmet rule 2 set as-path prepend '2 2 2'
# Apply policy to BGP
- set protocols bgp local-as 1
+ set protocols bgp system-as 1
set protocols bgp neighbor 203.0.113.2 address-family ipv4-unicast route-map import 'setmet'
set protocols bgp neighbor 203.0.113.2 address-family ipv4-unicast soft-reconfiguration 'inbound'
diff --git a/docs/configuration/protocols/bgp.rst b/docs/configuration/protocols/bgp.rst
index fb9b9d6e..6593730f 100644
--- a/docs/configuration/protocols/bgp.rst
+++ b/docs/configuration/protocols/bgp.rst
@@ -37,7 +37,7 @@ The :abbr:`ASN (Autonomous System Number)` is one of the essential elements of
BGP. BGP is a distance vector routing protocol, and the AS-Path framework
provides distance vector metric and loop detection to BGP.
-.. cfgcmd:: set protocols bgp local-as <asn>
+.. cfgcmd:: set protocols bgp system-as <asn>
Set local :abbr:`ASN (Autonomous System Number)` that this router represents.
This is a a mandatory option!
@@ -174,7 +174,7 @@ The BGP protocol uses the AS number for detecting whether the BGP connection
is internal or external. VyOS does not have a special command to start the BGP
process. The BGP process starts when the first neighbor is configured.
-.. cfgcmd:: set protocols bgp local-as <asn>
+.. cfgcmd:: set protocols bgp system-as <asn>
Set local autonomous system number that this router represents. This is a
mandatory option!
@@ -1069,7 +1069,7 @@ A simple eBGP configuration:
.. code-block:: none
- set protocols bgp local-as 65534
+ set protocols bgp system-as 65534
set protocols bgp neighbor 192.168.0.2 ebgp-multihop '2'
set protocols bgp neighbor 192.168.0.2 remote-as '65535'
set protocols bgp neighbor 192.168.0.2 update-source '192.168.0.1'
@@ -1080,7 +1080,7 @@ A simple eBGP configuration:
.. code-block:: none
- set protocols bgp local-as 65535
+ set protocols bgp system-as 65535
set protocols bgp neighbor 192.168.0.1 ebgp-multihop '2'
set protocols bgp neighbor 192.168.0.1 remote-as '65534'
set protocols bgp neighbor 192.168.0.1 update-source '192.168.0.2'
@@ -1114,7 +1114,7 @@ A simple BGP configuration via IPv6.
.. code-block:: none
- set protocols bgp local-as 65534
+ set protocols bgp system-as 65534
set protocols bgp neighbor 2001:db8::2 ebgp-multihop '2'
set protocols bgp neighbor 2001:db8::2 remote-as '65535'
set protocols bgp neighbor 2001:db8::2 update-source '2001:db8::1'
@@ -1126,7 +1126,7 @@ A simple BGP configuration via IPv6.
.. code-block:: none
- set protocols bgp local-as 65535
+ set protocols bgp system-as 65535
set protocols bgp neighbor 2001:db8::1 ebgp-multihop '2'
set protocols bgp neighbor 2001:db8::1 remote-as '65534'
set protocols bgp neighbor 2001:db8::1 update-source '2001:db8::2'
@@ -1177,7 +1177,7 @@ Route filter can be applied using a route-map:
set policy route-map AS65535-OUT rule 10 match ipv6 address prefix-list 'AS65535-OUT'
set policy route-map AS65535-OUT rule 20 action 'permit'
- set protocols bgp local-as 65534
+ set protocols bgp system-as 65534
set protocols bgp neighbor 2001:db8::2 address-family ipv4-unicast route-map export 'AS65535-OUT'
set protocols bgp neighbor 2001:db8::2 address-family ipv4-unicast route-map import 'AS65535-IN'
set protocols bgp neighbor 2001:db8::2 address-family ipv6-unicast route-map export 'AS65535-OUT'
@@ -1205,7 +1205,7 @@ Route filter can be applied using a route-map:
set policy route-map AS65534-OUT rule 10 match ipv6 address prefix-list 'AS65534-OUT'
set policy route-map AS65534-OUT rule 20 action 'permit'
- set protocols bgp local-as 65535
+ set protocols bgp system-as 65535
set protocols bgp neighbor 2001:db8::1 address-family ipv4-unicast route-map export 'AS65534-OUT'
set protocols bgp neighbor 2001:db8::1 address-family ipv4-unicast route-map import 'AS65534-IN'
set protocols bgp neighbor 2001:db8::1 address-family ipv6-unicast route-map export 'AS65534-OUT'
diff --git a/docs/configuration/vpn/openconnect.rst b/docs/configuration/vpn/openconnect.rst
index 43641d06..1b48571d 100644
--- a/docs/configuration/vpn/openconnect.rst
+++ b/docs/configuration/vpn/openconnect.rst
@@ -48,7 +48,7 @@ Server Configuration
set vpn openconnect authentication local-users username <user> password <pass>
set vpn openconnect authentication mode <local password|radius>
- set vpn opneconnect network-settings client-ip-settings subnet <subnet>
+ set vpn openconnect network-settings client-ip-settings subnet <subnet>
set vpn openconnect network-settings name-server <address>
set vpn openconnect network-settings name-server <address>
set vpn openconnect ssl ca-certificate <pki-ca-name>
diff --git a/docs/configuration/vpn/sstp.rst b/docs/configuration/vpn/sstp.rst
index f8bc4063..4f90260e 100644
--- a/docs/configuration/vpn/sstp.rst
+++ b/docs/configuration/vpn/sstp.rst
@@ -158,9 +158,6 @@ SSL Certificates
Path to `<file>` pointing to the servers certificate (public portion).
-.. cfgcmd:: set vpn sstp ssl key-file <file>
-
- Path to `<file>` pointing to the servers certificate (private portion).
PPP Settings
------------
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-13 12:57:05 +0000