summaryrefslogtreecommitdiff
path: root/docs/configuration/vpn
AgeCommit message (Collapse)Author
2024-07-22ipsec: T6599: add CLI documentation to disable ESP re-keyChristian Breunig
(cherry picked from commit 284b5b8e9bec10f4e69c0add321361a832d39b66)
2024-07-18VPN documentation proofreading (#1506)whyrlpool
* Fix typos in openconnect.rst change Cerbort->Certbot Update first line to reflect that openconnect was introduced in 1.3-rolling (T2036) * typo in dmvpn.rst * ipsec.rst justification, minor phrasing changes * l2tp.rst justification and phrasing changes. * sstp.rst phrasing, justification changes * Update ipsec.rst rephrase for clarity and to avoid possessive plural apostrophe (cherry picked from commit 873a461bdf972ebd815baf50893700b0a2518213)
2024-07-13ipsec: Added information about operational commandssrividya0208
(cherry picked from commit cd1dcb5d8e66e3431415ebf31a2d5902b30c1ffc)
2024-05-10sstp: T4393: Add support to configure host-name (SNI)Nataliia Solomko
(cherry picked from commit 30af00bd7f3b97e5aed539f42fbfc6eaa5535158)
2024-05-05Fixed examples in accel-ppp services in IPv6 sectionaapostoliuk
Fixed examples in accel-ppp services in IPv6 section (cherry picked from commit 899acac204ba39b6d092ebc389e435a669d39258)
2024-04-16fix several build warnings and errorsrebortg
2024-03-05Merge pull request #1309 from vyos/mergify/bp/sagitta/pr-1300Robert Göhler
Rewritten the SSTP server documentation (backport #1300)
2024-03-05Update sstp.rstRobert Göhler
2024-03-05Rewritten the PPTP server documentationaapostoliuk
Fully rewritten PPTP server documentation. (cherry picked from commit 8cb0070b51edf550189a9ccf5f1a92bf537c3572)
2024-03-05Rewritten the SSTP server documentationaapostoliuk
Fully rewritten SSTP server documentation. (cherry picked from commit d71c4607fa0c330a3c6269811b2126a25ceb91f7) # Conflicts: # docs/configuration/vpn/sstp.rst
2024-02-27ipsec: add IKEv2 road-warrior documentationChristian Breunig
(cherry picked from commit deb4e15e51e2b5f5b281f0e17961a5c10d036bfe)
2024-02-26Rewritten the L2TP documentationaapostoliuk
Rewritten the L2TP documentation Added the example 'PPPoE over L2TP' to blueprints (cherry picked from commit 4dd84a7c4d784229209eeb4b0d72457b094e08ce)
2024-02-08T5971: Added PPP options documentationaapostoliuk
Added PPP options documentation (cherry picked from commit dd3537443d71b8a5481ad0e8fb1a8e4edd0ecb71)
2024-02-02Changed IPv6 pool documentation in accel-ppp servicesaapostoliuk
Changed IPv6 pool documentation in accel-ppp services to named IPv6 pools. https://vyos.dev/T5865 (cherry picked from commit f5b79621d0c841ee9a596543a05ad1acc9130c1d)
2024-01-22Updated DPD and close-action values in IPSECaapostoliuk
Changed from 'hold' to 'trap' and from 'restart' to 'start' in close-action. Changed from 'hold' to 'trap' in DPD action. (cherry picked from commit cfb7e8186d83e45092f361f9717c9542bfad053b)
2023-12-30accel-ppp: T5688: Changing CLI to create client address poolaapostoliuk
Changing CLI to create client address pool (cherry picked from commit 1096cbcf95f96334d773ab98cce9d26d311f9e51)
2023-12-02vpn: update site2site VTI exampleChristian Breunig
(cherry picked from commit 0429c317884d8951cbf2e432981edeacd426f3ed)
2023-11-24ipsec: gre: use dummy interface in example over loopbackChristian Breunig
(cherry picked from commit 5953d6f69748c82cbd9eafbe662163924ae719e6)
2023-09-04correction of ipsec compression syntax and added a referencesrividya0208
for changes done for zone based firewall
2023-06-13corrected the l2tp op commandsrividya0208
2023-05-20Update openconnect.rst correct code-blockRobert Göhler
2023-05-19ocserv: fix: indent of warning section text overflowing outside the warning boxJamie Austin
2023-05-17T3896: ocserv: openconnect: document identity based configurationJamie Austin
2023-02-26tunnel: T5034: migrate "multicast enable" CLI node to enable-multicastChristian Breunig
2023-02-05Change IPsec authentication PSK and examplesViacheslav Hletenko
2023-01-31fix build warnings and errorsrebortg
2023-01-29T4958: ocserv: openconnect: document RADIUS accountingJamie Austin
2023-01-19ipsec: T4925: Added PRF information in IPSEC documentationaapostoliuk
Added Pseudo-Random Functions (PRF) information in IPSEC documentation.
2023-01-03fix closeaction imagerebortg
2023-01-02close-action: image reference is modified from image to figuresrividya0208
2022-12-27close-action: added an image to the details.srividya0208
There was a typo in the reference for the image added in the previous commit, corrected that.
2022-12-26ipsec_closeaction: added recommendation for closeaction optionssrividya0208
Added VPN IPSec connection-type recommendation for the close-action and dpd settings. For example close-action restart should not be added on both peers
2022-12-11T4792: add initial documentation for SSTP clientChristian Poessinger
2022-11-08Modified the documentation as per the new format/syntaxsrividya0208
2022-09-29ipsec: T4118: Change IPSec syntaxViacheslav Hletenko
Migration and Change boolean nodes "enable/disable" to disable-xxxx, enable-xxxx and just xxx for VPN IPsec configurations - IKE changes: - replace 'ipsec ike-group <tag> mobike disable' => 'ipsec ike-group <tag> disable-mobike' - replace 'ipsec ike-group <tag> ikev2-reauth yes|no' => 'ipsec ike-group <tag> ikev2-reauth' - ESP changes: - replace 'ipsec esp-group <tag> compression enable' => 'ipsec esp-group <tag> compression' - PEER changes: - replace: 'peer <tag> id xxx' => 'peer <tag> local-id xxx' - replace: 'peer <tag> force-encapsulation enable' => 'peer <tag> force-udp-encapsulation' - add option: 'peer <tag> remote-address x.x.x.x' If peer name is IPv4 or IPv6 address add remote-address via migration script
2022-09-08ipsec-interface: syntax correctionsrividya0208
The command to set the vpn interface is changed in the rolling release which is not modified in many configuration examples, corrected syntax in all pages where it is mentioned
2022-08-05openconnect: Fixed gramma mistake in commandsaapostoliuk
Fixed gramma mistake in commands
2022-08-01Update sstp.rstKav7
The command path: set vpn sstp ssl key-file <file> Does not appear to exist anymore, as per https://github.com/vyos/vyos-1x/pull/1038 Can the doc be updated with instructions on SSTP setup with new command structure?
2022-07-19Add missing param to encrypt tunnelEshenko Dmitriy
2022-05-26sstp: T4444. Port number changing supportgoodNETnick
2022-05-08ocserv. Added show user OTP keygoodNETnick
2022-04-24deletion of note related to natsrividya0208
Removed the note from the firewall page as nat grouping is not added yet Added the information about new option 'none' in the site-to-site ipsec vpn page
2022-04-21OpenConnect new new syntax + OTP 2FAgoodNETnick
2022-02-23Update ipsec.rstmkorobeinikov
2022-02-23Add cisco_flexvpn and install_virtualip_on optionsmkorobeinikov
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn = yes charon.install_virtual_ip_on = tunX swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z
2022-02-23Ability to set SA life bytes and packetsmkorobeinikov
https://phabricator.vyos.net/T1856 https://github.com/vyos/vyos-1x/pull/1230
2022-02-20openconnect: remove example b/c of missing PKIChristian Poessinger
OpenConnect lacks full documentation which would also include how to create and add use keys from the new PKI backend. For the time beeing we should not confuse users.
2022-02-20Merge pull request #704 from rickard-tpo/patch-1Christian Poessinger
Updated OpenConnect SSL Syntax
2022-02-15vpn-gre:incorrect syntax: local-ip and remote-ip changed to source-address ↵srividya0208
and remote vyos@vyos# set int tunnel tun0 Possible completions: remote Tunnel remote address source-address Source IP address used to initiate connection
2022-01-26Updated SSL Syntaxrickard-tpo
Updated syntax to match 1.4.x.