From deb44d8856dba7a52f52f1ace44b8251f7ee62be Mon Sep 17 00:00:00 2001 From: rebortg Date: Tue, 16 Apr 2024 21:58:21 +0200 Subject: fix several build warnings and errors --- docs/automation/terraform/terraformAWS.rst | 8 ++++---- docs/configuration/vpn/ipsec.rst | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/automation/terraform/terraformAWS.rst b/docs/automation/terraform/terraformAWS.rst index c705d55e..e068377d 100644 --- a/docs/automation/terraform/terraformAWS.rst +++ b/docs/automation/terraform/terraformAWS.rst @@ -26,16 +26,16 @@ Step by step: AWS - 1 Create an account with AWS and get your "access_key", "secret key" +1 Create an account with AWS and get your "access_key", "secret key" - 2 Create a key pair_ and download your .pem key +2 Create a key pair_ and download your .pem key .. image:: /_static/images/keypairs.png :width: 50% :align: center :alt: Network Topology Diagram - 3 Create a security group_ for the new VyOS instance and open all traffic +3 Create a security group_ for the new VyOS instance and open all traffic .. image:: /_static/images/sg.png :width: 50% @@ -263,7 +263,7 @@ If you need to delete the instance please type the command: Troubleshooting --------------- - 1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. +1 Ansible doesn't connect via SSH to your AWS instance: you have to check that your SSH key has copied into the path /root/aws/. Also, increase the time in the file instance.yml from 300 sec to 500 sec or more. (It depends on your location). Make sure that you have opened access to the instance in the security group. diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index 172b3c64..d33ae37e 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -32,6 +32,7 @@ for the cipher and hash. Adjust this as necessary. ************************************** IKE (Internet Key Exchange) Attributes ************************************** + IKE performs mutual authentication between two parties and establishes an IKE security association (SA) that includes shared secret information that can be used to efficiently establish SAs for Encapsulating Security @@ -226,7 +227,7 @@ On the RIGHT, setup by analogy and swap local and remote addresses. Source tunnel from dummy interface -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +================================== The scheme above doesn't work when one of the routers has a dynamic external address though. The classic workaround for this is to setup an address on a -- cgit v1.2.3