Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
Removed the note from the firewall page as nat grouping is not added yet
Added the information about new option 'none' in the site-to-site ipsec vpn
page
|
|
|
|
|
|
Ability to set Cisco FlexVPN vendor ID payload:
charon.cisco_flexvpn = yes
charon.install_virtual_ip_on = tunX
swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z
|
|
https://phabricator.vyos.net/T1856
https://github.com/vyos/vyos-1x/pull/1230
|
|
OpenConnect lacks full documentation which would also include how to create and
add use keys from the new PKI backend. For the time beeing we should not
confuse users.
|
|
Updated OpenConnect SSL Syntax
|
|
and remote
vyos@vyos# set int tunnel tun0
Possible completions:
remote Tunnel remote address
source-address
Source IP address used to initiate connection
|
|
Updated syntax to match 1.4.x.
|
|
|
|
|
|
A private key is also needed to finish the ipsec setup which is not mentioned
in the section "Source tunnel from loopbacks/Setting up IPSec". I have added
for reference.
|
|
|
|
|
|
|
|
Modified the index files to reflect this.
Added Diagram of the VPN Topology
Modified the weird IP subnets for local& remote sites. This Included:
Changing the Interface Address for the wg01 tunnel
Chaning the WAN addresses to addrs not in the RFC1918 range (1.1.1.1 & 2.2.2.2)
Modifing the allowed IPs and static route to reflect this.
Modified the ping test to reflect this.
Added an annotated verison of the wireguard local&remote config.
Added an example of a firewall exception for wirguard (OUTSIDE_IN)
Modified the explanation for the behavior of AllowedIPs for remote clients.
Added an example of "sudo wg" to the operational commands.
Fixed typo
|
|
There were minimal grammatical and spelling mistakes in the files which I
corrected as documentation proof reading.
Also added information about few ipsec vpn parameters.
|
|
Autosectionlabel
|
|
|
|
|
|
Update l2tp "name-server" with correct syntax
|
|
RSA-Keys page was blank, so added the steps to generate and add the keys to
the VPN IPSec config.
Also corrected the IPSec/GRE page where authentication parameter was
missing before remote-id.
|
|
|
|
|
|
|
|
|
|
|