From da88a7dadcb1be9c6c9145b1376f1a9f2cb855f2 Mon Sep 17 00:00:00 2001 From: srividya0208 Date: Thu, 8 Sep 2022 06:55:52 -0400 Subject: ipsec-interface: syntax correction The command to set the vpn interface is changed in the rolling release which is not modified in many configuration examples, corrected syntax in all pages where it is mentioned --- docs/configuration/vpn/dmvpn.rst | 4 ++-- docs/configuration/vpn/ipsec.rst | 2 +- docs/configuration/vpn/l2tp.rst | 4 ++-- docs/configuration/vpn/site2site_ipsec.rst | 8 ++++---- 4 files changed, 9 insertions(+), 9 deletions(-) (limited to 'docs/configuration/vpn') diff --git a/docs/configuration/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst index 50563e8b..66fc79da 100644 --- a/docs/configuration/vpn/dmvpn.rst +++ b/docs/configuration/vpn/dmvpn.rst @@ -218,7 +218,7 @@ Hub set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128' set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret' set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret' @@ -328,7 +328,7 @@ VyOS can also run in DMVPN spoke mode. set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128' set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret' set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret' diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index 693f3ec6..d1ea7bbc 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -198,7 +198,7 @@ On the LEFT: set interfaces tunnel tun0 address 10.10.10.1/30 ## IPsec - set vpn ipsec ipsec-interfaces interface eth0 + set vpn ipsec interface eth0 # IKE group set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '2' diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst index 411b7b5e..8dc34ee4 100644 --- a/docs/configuration/vpn/l2tp.rst +++ b/docs/configuration/vpn/l2tp.rst @@ -14,7 +14,7 @@ with native Windows and Mac VPN clients): .. code-block:: none - set vpn ipsec ipsec-interfaces interface eth0 + set vpn ipsec interface eth0 set vpn l2tp remote-access outside-address 192.0.2.2 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 @@ -24,7 +24,7 @@ with native Windows and Mac VPN clients): set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -In the example above an external IP of 192.0.2.2 is assumed. +In the above example, an external IP of 192.0.2.2 is assumed. If a local firewall policy is in place on your external interface you will need to allow the ports below: diff --git a/docs/configuration/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst index 2fa59dc1..fdcd3385 100644 --- a/docs/configuration/vpn/site2site_ipsec.rst +++ b/docs/configuration/vpn/site2site_ipsec.rst @@ -181,7 +181,7 @@ Example: set vpn ipsec ike-group office-srv-ike lifetime '3600' set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256' set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth1' + set vpn ipsec interface 'eth1' set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 203.0.113.2 authentication pre-shared-secret 'SomePreSharedKey' set vpn ipsec site-to-site peer 203.0.113.2 ike-group 'office-srv-ike' @@ -204,7 +204,7 @@ Example: set vpn ipsec ike-group office-srv-ike lifetime '3600' set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256' set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth1' + set vpn ipsec interface 'eth1' set vpn ipsec site-to-site peer 198.51.100.3 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 198.51.100.3 authentication pre-shared-secret 'SomePreSharedKey' set vpn ipsec site-to-site peer 198.51.100.3 ike-group 'office-srv-ike' @@ -305,7 +305,7 @@ Imagine the following topology set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0.201' + set vpn ipsec interface 'eth0.201' set vpn ipsec site-to-site peer 172.18.202.10 authentication id '172.18.201.10' set vpn ipsec site-to-site peer 172.18.202.10 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 172.18.202.10 authentication pre-shared-secret 'secretkey' @@ -339,7 +339,7 @@ Imagine the following topology set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0.202' + set vpn ipsec interface 'eth0.202' set vpn ipsec site-to-site peer 172.18.201.10 authentication id '172.18.202.10' set vpn ipsec site-to-site peer 172.18.201.10 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 172.18.201.10 authentication pre-shared-secret 'secretkey' -- cgit v1.2.3