summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-01-07Merge pull request #55 from goodNETnick/crux1.2.9-S1cruxDaniil Baturin
IPsec: T4087: increasing the maximum number of IKE proposals VyOS 1.2
2021-12-28IPsec: T4087: increasing the number of proposals allowed for the IKE groupgoodNETnick
2021-12-23Merge pull request #53 from sever-sever/T4092-cruxChristian Poessinger
dmvpn: T4092: Add new line after mobike option
2021-12-23dmvpn: T4092: Add new line after mobike optionViacheslav
It was missed a new line after "mobike" option for configuration DMVPN So it generates a wrong config format for swanctl.conf
2021-09-07ipsec: T3808: add missing exit if 'vpn ipsec' has been deletedJohn Estabrook
2021-06-09cfg-vpn: T2916: T2855: Fix typo for vti interface disable statesever-sever
(cherry picked from commit 2d24f456b15dd3a5c53b8119cbc98f45fba3f89e)
2021-05-08Merge pull request #44 from sever-sever/T2806-cruxDaniil Baturin
cfg-vpn: T2806: Fix local prefix is source from loopback
2021-05-07cfg-vpn: T2806: Fix local prefix is source from loopbacksever-sever
2021-02-24Use the new Jenkins libraryDaniil Baturin
2021-02-09IPsec: T2647: Replace obsoleted ipsec.conf optionerkin
2020-12-18Merge pull request #41 from srividya0208/T3136Daniil Baturin
pre-shared-secret: T3136: Fix typo of word secret(LTS release)
2020-12-18pre-shared-secret:T3136: Fix typo of word secret (LTS)srividya0208
There is typo in the spelling of "secret" mentioned in detailed information of the pre-shared-secret key in the vpn ipsec site-to-site peer authentication hierarchy in the LTS release.
2020-12-17pre-shared-secret: T3131: Fixed the typo of secretsrividya0208
There is typo in the spelling of "secret" mentioned in detailed information of the pre-shared-secret key in the vpn ipsec site-to-site peer authentication hierarchy.
2020-10-31T3035: allow mixed protocol IPsec (IPv4 over IPv6 and vice versa).Daniil Baturin
2020-09-11New release.vyos/1.2.6VyOS Maintainers
2020-07-30IPSec tunnels: T2728: Fixed protocol selector for tunnelszsdc
The protocol selector used for tunnels in transport mode was ignored by the configuration script. This commit adding it as a part of left|rightsubnet, as required by strongSwan.
2020-07-30ESP: T2701: Fixed "pfs enable" option usagezsdc
When in ESP group configured "pfs enable" option (default behavior), PFS settings are taken from the IKE proposal 1. In case if there is no "proposal 1", this ends up with broken ESP settings and unusable VPN peer. This fix replacing logic by taking PFS from the first one IKE proposal, regardless of its number.
2020-07-26dmvpn: T2091: Move variable to cycle for multiple profilesDmitriyEshenko
2020-07-26strongSwan: T2000: Add warning message if local prefix did not configuredDmitriyEshenko
2020-05-28Merge pull request #32 from zdc/T1291-cruxChristian Poessinger
VTI: T1291: Fix for invlid VTI interface down state
2020-05-12VTI: T1291: Fix for invlid VTI interface down statezsdc
In case when between hosts exists two IPSec tunnels for VTI (for example, when both sides act as connection initiators), the older unused/replaced tunnel may switch VTI interface to the "down" state even if a newer IPSec connection is still in-use. Depending on other IPSec settings, this leads to a situation when VTI interfaces continuously flapping or stuck in a "down" state. This fix is an adaptation of PR from @m-asama for the current code base. It adding new dependency from actual SA state of IPSec connection, and do not allow to switch down a VTI interface if at least one of child connections is active or try to change the state of a VTI interface to the same, as already active.
2020-03-09Merge branch 'crux' of github.com:vyos/vyatta-cfg-vpn into cruxvyos/1.2.5Daniil Baturin
2020-03-09New release.VyOS Maintainers
2020-01-20T1780 Adding IPSec IKE close-actionDmitriyEshenko
2019-12-12T1864: lower IKEv1 DPD timeout value from 10s to 2sChristian Poessinger
(cherry picked from commit c4c8711939f709c445fe634b2f624933fa9651ab)
2019-12-10New release.vyos/1.2.4VyOS Maintainers
2019-09-28Jenkins: import Pipeline from vyos-1x commit bd00ec7Christian Poessinger
2019-08-31[logrotate] T1420 - logrotate permission errors on vyatta logfileshagbard
2019-05-21Create Jenkinsfile cruxKim Hagen
2019-04-12run on remote nodeKim
2019-04-12added nodeKim
2019-04-12pipelineKim
2019-04-12add dependencyKim
2019-03-14Fixes T1298 use vti tunnel with ipsec and dhcp.Kim
* make dhcp interface work for vti interfaces * clean up code, loger timeout use python api * change vti tunnel ip on new dhcp lease * only change ip on up and do not get non dhcp ip * fix error in function, include up-host and down-host
2019-01-26Update changelog.Daniil Baturin
2019-01-26Merge branch 'current' into cruxDaniil Baturin
2019-01-21fix typo in dead-pear-detectionKim
2019-01-15fix typoKim Hagen
2019-01-15do not display connection header when there are no tunnels createdKim Hagen
2019-01-11Reference IPsec profile name in DMPN connection names for op mode.Daniil Baturin
2019-01-07fixing cur_vers reference for Makefilehagbard
2019-01-07bumped config version so the migrate jobs workhagbard
2019-01-07Fix: T1168 - Upgrade: 1,1,7 -> 1.2.0-epa2 Ipsec logging command failure.hagbard
2018-12-31Merge branch 'current' into cruxDaniil Baturin
Conflicts: debian/changelog
2018-12-31T777: improve "connection-type" option help strings.Daniil Baturin
2018-12-06Fix: T1048: [IPSec] Protocol all does not work in IPSec Tunnelhagbard
2018-11-13T1006: allow the "any" value for the local-address option.Daniil Baturin
2018-11-13T1006: allow the "any" value for the local-address option.Daniil Baturin
2018-11-13Set the architecture to 'all' since this package has no ↵Daniil Baturin
architecture-dependent files.
2018-11-13T1006: replace the is_valid_address.pl script with ipaddrcheck.Daniil Baturin
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-26 07:08:13 +0000