| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-03-18 | 0.12.32debian/0.12.32 | Mohit Mehta | |
| 2010-03-18 | Fix Bug 5087 add support to specify PFS group when PFS is enabled | Mohit Mehta | |
| 2010-02-17 | 0.12.31debian/0.12.31 | An-Cheng Huang | |
| 2010-02-05 | 0.12.30debian/0.12.30 | Mohit Mehta | |
| 2010-02-05 | 1. use correct notation to represent private,public networks | Mohit Mehta | |
| i.e. use vhost:%priv,%no instead of %priv,%no. Previously used notation was never supposed to work. Corrected notation is what we use in l2tp/ipsec as well and is also recommended otherwise. 2. cannot use leftsourceip to add route when right-subnet is not specific is based on generalized private,public networks | |||
| 2010-01-30 | 0.12.29debian/0.12.29 | Mohit Mehta | |
| 2010-01-30 | Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't work | Mohit Mehta | |
| * remove copy-tos field under 'vpn ipsec'. It's not supposed to work with NETKEY | |||
| 2010-01-28 | 0.12.28debian/0.12.28 | Mohit Mehta | |
| 2010-01-28 | perltidy vpn-config.pl | Mohit Mehta | |
| 2010-01-28 | remove dead code. we use 'ipsec update' to update changes to connections now | Mohit Mehta | |
| 2010-01-25 | 0.12.27debian/0.12.27 | Mohit Mehta | |
| 2010-01-25 | add back CLI node for disabling uniqreqid | Mohit Mehta | |
| 2010-01-14 | 0.12.26debian/0.12.26 | Mohit Mehta | |
| 2010-01-14 | bump up ipsec version | Mohit Mehta | |
| 2010-01-12 | 0.12.25debian/0.12.25 | Mohit Mehta | |
| 2010-01-12 | use leftsourceip to add route to remote subnet | Mohit Mehta | |
| (cherry picked from commit eb6d27497bab9e82218d8999778f7b4959fd34ea) | |||
| 2010-01-12 | Do not start IKEv2 daemon for now | Mohit Mehta | |
| (cherry picked from commit 7fab51307ecaf65a7da880f60a97a73bda87e5c7) | |||
| 2010-01-12 | * remove extraneous unused code | Mohit Mehta | |
| * use @id for identification when it's specified. It can be used even if local-ip is not 0.0.0.0 * extend syntax check for id to allow specifying hostnames * fix ipsec.secrets generation - if specified always use ids for local and remote peer (cherry picked from commit 3e7a4e45af00c11e6009d38fd97c67c2de0fa145) | |||
| 2010-01-12 | add comment to identify end of connection description | Mohit Mehta | |
| (cherry picked from commit cb9ed22ae45d03fa37148273d02cef4a9a179d1d) | |||
| 2010-01-12 | no need to maintain state of connections and take state-specific actions for | Mohit Mehta | |
| each connection when config changes. `ipsec update` in strongswan determines any changes in ipsec.conf and updates the configuration on running daemon (cherry picked from commit 55b703e669e0f792c04d29541d8fe00d2a9d624b) | |||
| 2010-01-12 | First pass code changes to vyatta-cfg-vpn for migration to strongswan : | Mohit Mehta | |
| Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path | |||
| 2010-01-12 | vyatta-cfg-vpn depends on vyatta-ipsec provided by vyatta-strongswan | Mohit Mehta | |
| (cherry picked from commit f830e7cfd66d7cf368d47cd5dea47dd26711875a) | |||
| 2009-12-02 | 0.12.24debian/0.12.24 | Mohit Mehta | |
| 2009-11-30 | 0.12.22 | Michael Larson | |
| 2009-11-30 | added required keyword to help text. | Michael Larson | |
| 2009-11-25 | 0.12.21debian/0.12.21 | Mohit Mehta | |
| 2009-11-25 | 0.12.19 | Mohit Mehta | |
| 2009-11-25 | pptp config check not needed when vpn ipsec is configured | Mohit Mehta | |
| 2009-11-13 | 0.12.18debian/0.12.18 | Michael Larson | |
| 2009-11-13 | dependency update | Michael Larson | |
| 2009-11-06 | 0.12.17debian/0.12.17 | An-Cheng Huang | |
| 2009-11-06 | use vyatta openswan | An-Cheng Huang | |
| 2009-11-02 | 0.12.16debian/0.12.16 | Mohit Mehta | |
| 2009-11-02 | more formatting clean-up | Mohit Mehta | |
| 2009-11-02 | indent and reformat script using perltidy in hope of making it easier to read | Mohit Mehta | |
| 2009-10-27 | add support for same reqids to openswan cfg | Robert Bays | |
| 2009-10-20 | 0.12.15debian/0.12.15 | slioch | |
| 2009-10-20 | add priority to project node. | slioch | |
| 2009-10-09 | 0.12.14debian/0.12.14 | Mohit Mehta | |
| 2009-10-09 | add allowed values for ike, esp groups | Mohit Mehta | |
| 2009-10-06 | 0.12.13debian/0.12.13 | Mohit Mehta | |
| 2009-10-06 | Fix Bug 3011 Remote VPN configuration issues site-to-site warning | Mohit Mehta | |
| * issue warning when none of site-to-site peers, remote access l2tp/pptp set | |||
| 2009-09-04 | 0.12.12debian/0.12.12 | Stig Thormodsrud | |
| 2009-09-04 | Fix 4902: setting ipsec site-to-site tunnel with authentication id <> and ↵ | Stig Thormodsrud | |
| local-ip 0.0.0.0 got "no connection named <>" | |||
| 2009-08-27 | 0.12.11debian/0.12.11 | slioch | |
| 2009-08-20 | manage state of add|delete|restart on connections for vpn given disable node. | slioch | |
| 2009-08-20 | added support in configuration script to support tunnel disable node. | slioch | |
| 2009-08-14 | convert enable to disable node for vpn tunnel | slioch | |
| 2009-08-14 | add enable node below tunnel with default flag = true | slioch | |
| 2009-08-13 | 0.12.10debian/0.12.10 | slioch | |
 |
index : vyatta-cfg-vpn.git | |
| Vyatta VPN configuration (mirror of https://github.com/vyos/vyatta-cfg-vpn.git) |
| summaryrefslogtreecommitdiff |