summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/configuration/interfaces/openvpn.rst10
-rw-r--r--docs/configuration/protocols/ospf.rst4
-rw-r--r--docs/configuration/protocols/pim.rst4
-rw-r--r--docs/configuration/service/dhcp-relay.rst2
-rw-r--r--docs/configuration/vrf/index.rst2
-rw-r--r--docs/introducing/history.rst2
6 files changed, 18 insertions, 6 deletions
diff --git a/docs/configuration/interfaces/openvpn.rst b/docs/configuration/interfaces/openvpn.rst
index 2160e781..bfa40a7e 100644
--- a/docs/configuration/interfaces/openvpn.rst
+++ b/docs/configuration/interfaces/openvpn.rst
@@ -71,7 +71,7 @@ In both cases, we will use the following settings:
dynamic IP for our remote router.
Setting up certificates
------------------------
+=======================
Setting up a full-blown PKI with a CA certificate would arguably defeat the purpose
of site-to-site OpenVPN, since its main goal is supposed to be configuration simplicity,
@@ -129,7 +129,7 @@ Note: certificate names don't matter, we use 'openvpn-local' and 'openvpn-remote
Repeat the procedure on the other router.
Setting up OpenVPN
-------------------
+==================
Local Configuration:
@@ -148,6 +148,7 @@ Local Configuration:
set interfaces openvpn vtun1 tls certificate 'openvpn-local' # The self-signed certificate
set interfaces openvpn vtun1 tls peer-fingerprint <remote cert fingerprint> # The output of 'run show pki certificate <name> fingerprint sha256
on the remote rout
+
Remote Configuration:
.. code-block:: none
@@ -163,8 +164,9 @@ Remote Configuration:
set interfaces openvpn vtun1 tls certificate 'openvpn-remote' # The self-signed certificate
set interfaces openvpn vtun1 tls peer-fingerprint <local cert fingerprint> # The output of 'run show pki certificate <name> fingerprint sha256
on the local router
+
Pre-shared keys
----------------
+===============
Until VyOS 1.4, the only option for site-to-site OpenVPN without PKI was to use pre-shared keys.
That option is still available but it is deprecated and will be removed in the future.
@@ -200,6 +202,7 @@ Then you need to install the key on the remote router:
Then you need to set the key in your OpenVPN interface settings:
.. code-block:: none
+
set interfaces openvpn vtun1 shared-secret-key s2s
Firewall Exceptions
@@ -433,6 +436,7 @@ Branch 1's router might have the following lines:
set interfaces openvpn vtun10 tls ca-cert ca-1
set interfaces openvpn vtun10 tls certificate branch-1
+
Client Authentication
=====================
diff --git a/docs/configuration/protocols/ospf.rst b/docs/configuration/protocols/ospf.rst
index e360d86a..9891c77d 100644
--- a/docs/configuration/protocols/ospf.rst
+++ b/docs/configuration/protocols/ospf.rst
@@ -1204,7 +1204,7 @@ Interface Configuration
synchronizing process of the router's database with all neighbors. The
default value is 1 seconds. The interval range is 3 to 65535.
-.. _ospf:v3_redistribution_config:
+.. _ospf:v3_graceful_restart:
Graceful Restart
----------------
@@ -1245,6 +1245,8 @@ Graceful Restart
By default, it supports both planned and unplanned outages.
+.. _ospf:v3_redistribution_config:
+
Redistribution Configuration
----------------------------
diff --git a/docs/configuration/protocols/pim.rst b/docs/configuration/protocols/pim.rst
index 1b97697d..2e881943 100644
--- a/docs/configuration/protocols/pim.rst
+++ b/docs/configuration/protocols/pim.rst
@@ -180,6 +180,8 @@ IGMP - Internet Group Management Protocol)
Configure watermark warning generation for an IGMP group limit. Generates
warning once the configured group limit is reached while adding new groups.
+.. _pim:igmp_interface_commands:
+
Interface specific commands
===========================
@@ -202,7 +204,7 @@ Interface specific commands
Use this command to configure in the selected interface the IGMP
query response timeout value (10-250) in deciseconds. If a report is
not returned in the specified time, it will be assumed the (S,G) or
- (*,G) state :rfc:`7761#section-4.1` has timed out.
+ (\*,G) state :rfc:`7761#section-4.1` has timed out.
.. cfgcmd:: set protocols pim interface <interface> igmp version <version-number>
diff --git a/docs/configuration/service/dhcp-relay.rst b/docs/configuration/service/dhcp-relay.rst
index e1fbe1d2..dc45d071 100644
--- a/docs/configuration/service/dhcp-relay.rst
+++ b/docs/configuration/service/dhcp-relay.rst
@@ -154,6 +154,8 @@ Configuration
Disable dhcpv6-relay service.
+.. _dhcp_relay:v6_options:
+
Options
-------
diff --git a/docs/configuration/vrf/index.rst b/docs/configuration/vrf/index.rst
index dea53321..0ead2b9d 100644
--- a/docs/configuration/vrf/index.rst
+++ b/docs/configuration/vrf/index.rst
@@ -282,6 +282,8 @@ Configuration
VRF and NAT
-----------
+.. _vrf:nat_configuration:
+
Configuration
^^^^^^^^^^^^^
diff --git a/docs/introducing/history.rst b/docs/introducing/history.rst
index daf3e2a1..40b99b02 100644
--- a/docs/introducing/history.rst
+++ b/docs/introducing/history.rst
@@ -110,7 +110,7 @@ Sagitta (the Arrow) is the codename of the current development
branch, so there's no VyOS 1.4 yet.
Circinus (1.5)
--------------
+--------------
Circinus (the Compass) is the codename of the upcoming development
branch, so there's no VyOS 1.5 yet.