Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-02-22 | fix some node.def errors | John Southworth | |
2011-02-16 | Initial support for configuring dhcp-interfaces for IPSEC, needs testing | John Southworth | |
2011-02-09 | Add template for auto-update cli | John Southworth | |
2011-02-08 | Initial x509 for site-to-site ipsec vpn | John Southworth | |
2011-02-04 | Add the ability to define a default esp group for tunnels under a peer to use | John Southworth | |
2011-02-04 | Move protocol out of local and remote nodes as it has to be the same | John Southworth | |
2011-02-03 | Initial additions to support local and remote protoport in general instead ↵ | John Southworth | |
of just for GRE | |||
2011-01-26 | Bugfix: 5677 add protoport option for simpler GRE tunnels, for now this is ↵ | John Southworth | |
specifically for GRE more protocols can be added in the future if required. | |||
2011-01-26 | Fixed node.def to adhere to CLI conventions | John Southworth | |
2011-01-26 | Bug 2506: Moved the connection-type node to the peer level, as discussed ↵ | John Southworth | |
with support. | |||
2011-01-25 | bugfix: 2506 added option to define initiatior or responder mode | John Southworth | |
2010-08-17 | remove low-level config dir usage | An-Cheng Huang | |
2010-08-17 | update help text to use val_help | An-Cheng Huang | |
2010-07-21 | remove verb usage from begining of help strings | Mohit Mehta | |
2010-03-18 | Fix Bug 5087 add support to specify PFS group when PFS is enabled | Mohit Mehta | |
2010-01-30 | Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't work | Mohit Mehta | |
* remove copy-tos field under 'vpn ipsec'. It's not supposed to work with NETKEY | |||
2010-01-25 | add back CLI node for disabling uniqreqid | Mohit Mehta | |
2010-01-12 | * remove extraneous unused code | Mohit Mehta | |
* use @id for identification when it's specified. It can be used even if local-ip is not 0.0.0.0 * extend syntax check for id to allow specifying hostnames * fix ipsec.secrets generation - if specified always use ids for local and remote peer (cherry picked from commit 3e7a4e45af00c11e6009d38fd97c67c2de0fa145) | |||
2010-01-12 | First pass code changes to vyatta-cfg-vpn for migration to strongswan : | Mohit Mehta | |
Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path | |||
2009-11-30 | added required keyword to help text. | Michael Larson | |
2009-10-27 | add support for same reqids to openswan cfg | Robert Bays | |
2009-10-09 | add allowed values for ike, esp groups | Mohit Mehta | |
2009-08-14 | convert enable to disable node for vpn tunnel | slioch | |
2009-08-14 | add enable node below tunnel with default flag = true | slioch | |
2009-08-13 | added description field to site-to-site peer. | slioch | |
2009-05-26 | Fix 3836: Allow VPN authentication ID to accept values of IP address, domain ↵ | Stig Thormodsrud | |
name and "" enclosed phrases | |||
2009-03-26 | Change "ipsec-interfaces" to use vyatta-interfaces.pl for allowed tag. | Stig Thormodsrud | |
2008-11-11 | allow '+' as a valid character in pre-shared-secret | Mohit Mehta | |
2008-10-07 | Part of fix for bug 3762 Update help and error strings for vpn pre-shared ↵ | Mohit Mehta | |
secret value - help and error string updated | |||
2008-07-09 | fix for bugs 3044, 3047, and 3048: support ipsec road warriors. | An-Cheng Huang | |
2008-06-05 | - disallowing use of special characters ';' and '?' in pre-shared-secret as ↵ | Mohit Mehta | |
they were not in glendale - as of now only two new characters have been added to be allowed in hollywood from glendale: ',' ':' - these work good with and without quotes being used | |||
2008-06-05 | Bug 3194 VPN: xml error in "show vpn ike" command output | Mohit Mehta | |
- reallowing the use of '&' in pre-shared-secret to prevent migration issues this will need looking into the show command procedures | |||
2008-05-14 | Bug 3194 VPN: xml error in "show vpn ike" command output | Mohit Mehta | |
- looks like the '&' special character is causing this behavior - quick fix: disallowed use of '&' in pre-shared-secret for now | |||
2008-05-24 | Fix 2043: enhancement - add ability to use a hostname instead of IP address ↵ | Stig Thormodsrud | |
fo VPN peer. | |||
2008-04-10 | Fix Bug 3069 Help strings should be standardized | Mohit Mehta | |
- help strings standardized in vyatta-cfg-vpn | |||
2008-01-31 | convert templates to new syntax | An-Cheng Huang | |
2008-01-17 | Add help completions for VPN configuration | Stig Thormodsrud | |
2007-12-21 | remove unused template directory | An-Cheng Huang | |
2007-12-19 | Port vpn cfg from fairfield to glendale. | Stig Thormodsrud | |