diff options
Diffstat (limited to 'docs/vpn/l2tp.rst')
| -rw-r--r-- | docs/vpn/l2tp.rst | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/docs/vpn/l2tp.rst b/docs/vpn/l2tp.rst index 3d1a5ee7..a91399e2 100644 --- a/docs/vpn/l2tp.rst +++ b/docs/vpn/l2tp.rst @@ -6,7 +6,7 @@ L2TP over IPsec Example for configuring a simple L2TP over IPsec VPN for remote access (works with native Windows and Mac VPN clients): -.. code-block:: console +.. code-block:: none set vpn ipsec ipsec-interfaces interface eth0 set vpn ipsec nat-traversal enable @@ -36,7 +36,7 @@ for NAT-traversal: Example: -.. code-block:: console +.. code-block:: none set firewall name OUTSIDE-LOCAL rule 40 action 'accept' set firewall name OUTSIDE-LOCAL rule 40 destination port '50' @@ -55,7 +55,7 @@ Example: Also note that if you wish to allow the VPN to be used for external access you will need to add the appropriate source NAT rules to your configuration. -.. code-block:: console +.. code-block:: none set nat source rule 110 outbound-interface 'eth0' set nat source rule 110 source address '192.168.255.0/24' @@ -64,7 +64,7 @@ will need to add the appropriate source NAT rules to your configuration. To be able to resolve when connected to the VPN, the following DNS rules are needed as well. -.. code-block:: console +.. code-block:: none set vpn l2tp remote-access dns-servers server-1 '8.8.8.8' set vpn l2tp remote-access dns-servers server-2 '8.8.4.4' @@ -75,7 +75,7 @@ needed as well. Established sessions can be viewed using the **show vpn remote-access** operational command. -.. code-block:: console +.. code-block:: none vyos@vyos:~$ show vpn remote-access Active remote access VPN sessions: @@ -92,7 +92,7 @@ like RADIUS_ (FreeRADIUS_ or Microsoft `Network Policy Server`_, NPS) is used. VyOS supports either `local` or `radius` user authentication: -.. code-block:: console +.. code-block:: none set vpn l2tp remote-access authentication mode <local|radius> @@ -100,7 +100,7 @@ In addition one or more RADIUS_ servers can be configured to server for user authentication. This is done using the `radius server` and `radius server key` nodes: -.. code-block:: console +.. code-block:: none set vpn l2tp remote-access authentication radius server 1.1.1.1 key 'foo' set vpn l2tp remote-access authentication radius server 2.2.2.2 key 'foo' @@ -116,7 +116,7 @@ If you are using e.g. OSPF as IGP always the nearest interface facing the RADIUS server is used. With VyOS 1.2 you can bind all outgoing RADIUS requests to a single source IP e.g. the loopback interface. -.. code-block:: console +.. code-block:: none set vpn l2tp remote-access authentication radius source-address 3.3.3.3 |