diff options
author | John Southworth <john.southworth@vyatta.com> | 2011-02-08 19:05:31 -0600 |
---|---|---|
committer | John Southworth <john.southworth@vyatta.com> | 2011-02-08 19:05:31 -0600 |
commit | 0d8c8590ee13c19609c350a86c3fb1f63245b86f (patch) | |
tree | d3e098ebe016ca46ee6ddc0a8ae216540dc43ad2 /templates/vpn/ipsec | |
parent | 0ba241641e5543593b7d77d9a349f6f41fdd9d95 (diff) | |
download | vyatta-cfg-vpn-0d8c8590ee13c19609c350a86c3fb1f63245b86f.tar.gz vyatta-cfg-vpn-0d8c8590ee13c19609c350a86c3fb1f63245b86f.zip |
Initial x509 for site-to-site ipsec vpn
Diffstat (limited to 'templates/vpn/ipsec')
8 files changed, 14 insertions, 1 deletions
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def index 25f5f66..d717730 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/mode/node.def @@ -1,6 +1,7 @@ help: Authentication mode type: txt default: "pre-shared-secret" -syntax:expression: $VAR(@) in "pre-shared-secret", "rsa"; "must be pre-shared-secret or rsa" +syntax:expression: $VAR(@) in "pre-shared-secret", "x509", "rsa"; "must be pre-shared-secret, x509, or rsa" val_help: pre-shared-secret; Use pre-shared secret key val_help: rsa; Use RSA key +val_help: x509; Use X.509 certificate diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/ca-cert-file/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/ca-cert-file/node.def new file mode 100644 index 0000000..819e990 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/ca-cert-file/node.def @@ -0,0 +1,2 @@ +type: txt +help: File containing the X.509 certificate for the Certificate Authority (CA) diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/cert-file/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/cert-file/node.def new file mode 100644 index 0000000..1c75264 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/cert-file/node.def @@ -0,0 +1,2 @@ +type: txt +help: File containing the X.509 certificate for the remote access VPN server (this host) diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/crl-file/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/crl-file/node.def new file mode 100644 index 0000000..ce49e36 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/crl-file/node.def @@ -0,0 +1,2 @@ +type: txt +help: File containing the X.509 Certificate Revocation List (CRL) diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/file/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/file/node.def new file mode 100644 index 0000000..0396c3e --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/file/node.def @@ -0,0 +1,2 @@ +type: txt +help: File containing the private key for the X.509 certificate for the remote access VPN server (this host) diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/node.def new file mode 100644 index 0000000..d891c7b --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/node.def @@ -0,0 +1 @@ +help: Key file and password to open it diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/password/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/password/node.def new file mode 100644 index 0000000..0667ea6 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/key/password/node.def @@ -0,0 +1,2 @@ +type: txt +help: Password that protects the private key diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/node.def new file mode 100644 index 0000000..81ed780 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/authentication/x509/node.def @@ -0,0 +1 @@ +help: X.509 certificate |