veeos-1x.git/data/templates/ipsec/swanctl, branch current

veeos-1x.git/data/templates/ipsec/swanctl, branch current VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos-contrib/veeos-1x.git) https://git.amelek.net/vyos-contrib/veeos-1x.git/atom?h=current 2025-04-17T09:45:46+00:00 T7343: IPsec add traffic-selector handling for VTI interfaces 2025-04-17T09:45:46+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2025-04-12T08:45:16+00:00 urn:sha1:41ba7fc5c7edbaca6ff149818aa5689b3ac3c097 Allow to set traffic-selector for VTI interfaces We can set several local and remote IPv4 and IPv6 prefixes ``` set vpn ipsec site-to-site peer P1 vti traffic-selector local prefix 0.0.0.0/0 set vpn ipsec site-to-site peer P1 vti traffic-selector local prefix :/0 set vpn ipsec site-to-site peer P1 vti traffic-selector remote prefix 192.0.2.0/24 ``` nhrp: T2326: NHRP migration to FRR 2025-01-09T16:24:15+00:00 aapostoliuk a.apostoliuk@vyos.io 2024-08-09T15:08:56+00:00 urn:sha1:5e8307bf3a7f816193ca9da8cb290d57bbb375f2 NHRP migration to FRR T5873: vpn ipsec remote-access: improve child ESP session naming 2024-07-27T01:26:30+00:00 Lucas Christian lucas@lucasec.com 2024-07-07T10:19:02+00:00 urn:sha1:50cf1746d3ab5e3666a3e502c67d7d853ae7f932 T5873: vpn ipsec remote-access: support VTI interfaces 2024-07-22T17:57:45+00:00 Lucas Christian lucas@lucasec.com 2023-12-29T06:26:56+00:00 urn:sha1:4d2c89dcd50d3c158dc76ac5ab843dd66105bc02 T6599: ipsec: support disabling rekey of CHILD_SA. 2024-07-22T09:15:36+00:00 Lucas Christian lucas@lucasec.com 2024-07-21T02:29:14+00:00 urn:sha1:fd5d7ff0b4fd69b248ecb29c6ec1f3cf844c41cf Also adds support for life_bytes, life_packets, and DPD for remote-access connections. Changes behavior of remote-access esp-group lifetime setting to have parity with site-to-site connections. T6237: IPSec remote access VPN: ability to set EAP ID of clients 2024-04-21T20:59:56+00:00 Alex W embezzle.dev@proton.me 2024-04-21T20:59:56+00:00 urn:sha1:78ea623df20b44309cc6ac9848ed18e97fc4ed03 T5871: ipsec remote access VPN: specify "cacerts" for client auth. 2024-04-12T04:12:34+00:00 Lucas Christian lucas@lucasec.com 2023-12-29T06:08:36+00:00 urn:sha1:ecc83562b4d756cc50910561a3f52ec260aeb478 T5872: re-write exit hook to always regenerate config 2024-03-12T06:08:40+00:00 Lucas Christian lucas@lucasec.com 2024-03-10T18:39:19+00:00 urn:sha1:679b78356cbda4de15f96a7f22d4a98037dbeea4 T5872: fix ipsec dhclient exit hook 2024-03-10T18:40:23+00:00 Lucas Christian lucas@lucasec.com 2024-02-09T06:04:16+00:00 urn:sha1:cd8ef21f280f726955f537132e3fab2bcb3c286f T5872: ipsec remote access VPN: support dhcp-interface. 2024-03-10T18:40:23+00:00 Lucas Christian lucas@lucasec.com 2023-12-29T06:11:26+00:00 urn:sha1:f7834324d3d9edd7e161e7f2f3868452997c9c81