Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-05-28 | T2816: migrated codebase to vyos-1xHEADcurrent | Christian Poessinger | |
2021-02-03 | Merge pull request #42 from erkin/current | Daniil Baturin | |
IPsec: T627: Fix misuse of `vpn_die()` | |||
2021-02-02 | IPsec: T627: Fix misuse of `vpn_die()` | erkin | |
2020-12-18 | Merge pull request #40 from srividya0208/T3131 | Daniil Baturin | |
pre-shared-secret: T3131: Fix typo of word secret | |||
2020-12-17 | pre-shared-secret: T3131: Fix typo of word secret | srividya0208 | |
There is typo in the spelling of "secret" mentioned in detailed information of the pre-shared-secret key in the vpn ipsec site-to-site peer authentication hierarchy. | |||
2020-10-31 | T3035: allow mixed protocol IPsec (IPv4 over IPv6 and vice versa). | Daniil Baturin | |
2020-09-23 | Merge pull request #39 from sever-sever/T2916 | Daniil Baturin | |
cfg-vpn: T2916: Fix typo for vti interface disable state | |||
2020-09-23 | cfg-vpn: T2916: Fix typo for vti interface disable state | sever-sever | |
2020-09-22 | Merge pull request #38 from sever-sever/T2895 | Daniil Baturin | |
vfg-vpn: T2895: Removing unnecessary duplicate check for leftsubnet | |||
2020-09-22 | vfg-vpn: T2895: Removing unnecessary duplicate check for leftsubnet | sever-sever | |
2020-09-19 | Merge pull request #37 from sever-sever/T2806 | Christian Poessinger | |
cfg-vpn: T2806: Fix local prefix is source from loopback | |||
2020-09-18 | cfg-vpn: T2806: Fix local prefix is source from loopback | sever-sever | |
2020-08-22 | Merge pull request #36 from erkin/current | Daniil Baturin | |
IPsec: T2647: Replace obsoleted ipsec.conf option | |||
2020-08-22 | IPsec: T2647: Replace obsoleted ipsec.conf option | erkin | |
2020-07-31 | Merge pull request #35 from zdc/T2728-equuleus | Daniil Baturin | |
IPSec tunnels: T2728: Fixed protocol selector for tunnels | |||
2020-07-30 | IPSec tunnels: T2728: Fixed protocol selector for tunnels | zsdc | |
The protocol selector used for tunnels in transport mode was ignored by the configuration script. This commit adding it as a part of left|rightsubnet, as required by strongSwan. | |||
2020-07-30 | Merge pull request #34 from zdc/T2701 | Daniil Baturin | |
ESP: T2701: Fixed "pfs enable" option usage | |||
2020-07-13 | ESP: T2701: Fixed "pfs enable" option usage | zsdc | |
When in ESP group configured "pfs enable" option (default behavior), PFS settings are taken from the IKE proposal 1. In case if there is no "proposal 1", this ends up with broken ESP settings and unusable VPN peer. This fix replacing logic by taking PFS from the first one IKE proposal, regardless of its number. | |||
2020-06-23 | Jenkins: T2625: migrate to build library | Christian Poessinger | |
2020-05-28 | Merge pull request #33 from DmitriyEshenko/cur-fix28052020 | Daniil Baturin | |
strongSwan: T2000: Add warning message if local prefix did not config… | |||
2020-05-28 | strongSwan: T2000: Add warning message if local prefix did not configured | DmitriyEshenko | |
2020-05-25 | Merge pull request #30 from DmitriyEshenko/rolling-dmvpn | Daniil Baturin | |
dmvpn: T2091: Move variable to cycle for multiple profiles | |||
2020-05-08 | T2431: fix a reference to valida-value.py | Daniil Baturin | |
2020-05-04 | Merge pull request #31 from zdc/T1291 | Christian Poessinger | |
VTI: T1291: Fix for invlid VTI interface down state | |||
2020-05-04 | VTI: T1291: Fix for invlid VTI interface down state | zsdc | |
In case when between hosts exists two IPSec tunnels for VTI (for example, when both sides act as connection initiators), the older unused/replaced tunnel may switch VTI interface to the "down" state even if a newer IPSec connection is still in-use. Depending on other IPSec settings, this leads to a situation when VTI interfaces continuously flapping or stuck in a "down" state. This fix is an adaptation of PR from @m-asama for the current code base. It adding new dependency from actual SA state of IPSec connection, and do not allow to switch down a VTI interface if at least one of child connections is active or try to change the state of a VTI interface to the same, as already active. | |||
2020-04-23 | dmvpn: T2091: Move variable to cycle for multiple profiles | DmitriyEshenko | |
2020-04-08 | Merge pull request #29 from zdc/T2049 | Christian Poessinger | |
strongSwan: T2049: Added lost "disable" option to ESP PFS settings | |||
2020-04-08 | strongSwan: T2049: Added lost "disable" option to ESP PFS settings | zsdc | |
2020-03-26 | strongSwan: T2164: add dependency on libstrongswan-standard-plugins | John Estabrook | |
2020-03-21 | Jenkins: T1870: support GitHub PullRequest builds | Christian Poessinger | |
2020-03-11 | Merge pull request #28 from zdc/T2049 | Christian Poessinger | |
strongSwan: T2049: Extended list of cipher suites | |||
2020-03-11 | strongSwan: T2049: Extended list of cipher suites | zsdc | |
The list of supported cipher suites actualized according to the: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites | |||
2019-12-27 | Jenkins: make pipeline branch independent | Christian Poessinger | |
2019-12-18 | Jenkins: adjust to new Debian Buster build | Christian Poessinger | |
2019-12-18 | Merge branch 'equuleus' of github.com:vyos/vyatta-cfg-vpn into current | Christian Poessinger | |
* 'equuleus' of github.com:vyos/vyatta-cfg-vpn: Jenkins: import Pipeline from vyos-1x commit bd00ec7 update Jenkins file for equuleus | |||
2019-12-08 | T1864: lower IKEv1 DPD timeout value from 10s to 2sVyOS_1.2-2019Q4 | Christian Poessinger | |
2019-12-07 | Merge branch 'current' of github.com:vyos/vyatta-cfg-vpn into equuleus | Christian Poessinger | |
* 'current' of github.com:vyos/vyatta-cfg-vpn: dmvpn: T1784: Run ipsec-settings before DMVPN T1780 Adding IPSec IKE close-action Jenkins: import Pipeline from vyos-1x commit bd00ec7 | |||
2019-12-05 | Merge pull request #27 from DmitriyEshenko/dmvpn | Christian Poessinger | |
dmvpn: T1784: Run ipsec-settings before DMVPN | |||
2019-12-05 | dmvpn: T1784: Run ipsec-settings before DMVPN | DmitriyEshenko | |
2019-11-02 | Merge pull request #26 from DmitriyEshenko/ipsec-closeact | Christian Poessinger | |
T1780 Adding IPSec IKE close-action | |||
2019-10-31 | T1780 Adding IPSec IKE close-action | DmitriyEshenko | |
2019-09-28 | Jenkins: import Pipeline from vyos-1x commit bd00ec7 | Christian Poessinger | |
2019-09-28 | Jenkins: import Pipeline from vyos-1x commit bd00ec7 | Christian Poessinger | |
2019-08-19 | Merge branch 'current' into equuleus | Daniil Baturin | |
2019-08-14 | update Jenkins file for equuleus | UnicronNL | |
2019-07-25 | Merge pull request #25 from hagbard-01/l2tp | hagbard-01 | |
[accel-l2tp] - T834: L2TP implementation | |||
2019-07-25 | [accel-l2tp] - T834: L2TP implementation | hagbard | |
- disable legacy update-l2tp.pl - ipsec-settings.py last entry to run after all the legacy scripts | |||
2019-07-05 | T1499: Allow for usage of systemd interface mappings (#23) | runborg | |
2019-06-19 | [logrotate] T1420 - logrotate permission errors on vyatta logfiles | hagbard | |
2019-05-21 | Create Jenkinsfile current | Kim Hagen | |