summaryrefslogtreecommitdiff
path: root/templates/vpn
AgeCommit message (Collapse)Author
2011-02-04Add the ability to define a default esp group for tunnels under a peer to useJohn Southworth
2011-02-04Move protocol out of local and remote nodes as it has to be the sameJohn Southworth
2011-02-03Initial additions to support local and remote protoport in general instead ↵John Southworth
of just for GRE
2011-01-26Bugfix: 5677 add protoport option for simpler GRE tunnels, for now this is ↵John Southworth
specifically for GRE more protocols can be added in the future if required.
2011-01-26Fixed node.def to adhere to CLI conventionsJohn Southworth
2011-01-26Bug 2506: Moved the connection-type node to the peer level, as discussed ↵John Southworth
with support.
2011-01-25bugfix: 2506 added option to define initiatior or responder modeJohn Southworth
2010-08-17remove low-level config dir usageAn-Cheng Huang
2010-08-17update help text to use val_helpAn-Cheng Huang
2010-07-21remove verb usage from begining of help stringsMohit Mehta
2010-03-19Replace old form (expression) in end: tagStephen Hemminger
Use shell syntax.
2010-03-18Fix Bug 5087 add support to specify PFS group when PFS is enabledMohit Mehta
2010-01-30Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't workMohit Mehta
* remove copy-tos field under 'vpn ipsec'. It's not supposed to work with NETKEY
2010-01-25add back CLI node for disabling uniqreqidMohit Mehta
2010-01-12* remove extraneous unused codeMohit Mehta
* use @id for identification when it's specified. It can be used even if local-ip is not 0.0.0.0 * extend syntax check for id to allow specifying hostnames * fix ipsec.secrets generation - if specified always use ids for local and remote peer (cherry picked from commit 3e7a4e45af00c11e6009d38fd97c67c2de0fa145)
2010-01-12First pass code changes to vyatta-cfg-vpn for migration to strongswan :Mohit Mehta
Remove CLI support and back-end code for unsupported parameters * No aggressive mode support in strongswan * remove syslog facility.level CLI. strongswan uses authpriv facility by default, no syslog parameter support * remove Robert's disable-uniqreqids option for now. need to get strongswan to do the same thing first Remove Openswan specific parameters added to workaroung bugs * remove plutowait, this was added to workaround Openswan Bug 412 * remove nhelpers, this was added to workaround Openswan Bug 198 Other Changes * add '!' at the end of ike and esp proposal list to signify end of list * replace `ipsec start` commands with built-in commands for `ipsec starter` control utility * replace `ipsec auto` with `ipsec whack` commands. Still need to figure out if `ipsec auto --add|--up $connection` could be replaces by simply using `ipsec update` in stronswan * change pluto.ctl path
2009-11-30added required keyword to help text.Michael Larson
2009-10-27add support for same reqids to openswan cfgRobert Bays
2009-10-20add priority to project node.slioch
2009-10-09add allowed values for ike, esp groupsMohit Mehta
2009-08-14convert enable to disable node for vpn tunnelslioch
2009-08-14add enable node below tunnel with default flag = trueslioch
2009-08-13added description field to site-to-site peer.slioch
2009-05-26Fix 3836: Allow VPN authentication ID to accept values of IP address, domain ↵Stig Thormodsrud
name and "" enclosed phrases
2009-03-26Change "ipsec-interfaces" to use vyatta-interfaces.pl for allowed tag.Stig Thormodsrud
2008-11-11allow '+' as a valid character in pre-shared-secretMohit Mehta
2008-10-07Part of fix for bug 3762 Update help and error strings for vpn pre-shared ↵Mohit Mehta
secret value - help and error string updated
2008-07-09fix for bugs 3044, 3047, and 3048: support ipsec road warriors.An-Cheng Huang
2008-06-05- disallowing use of special characters ';' and '?' in pre-shared-secret as ↵Mohit Mehta
they were not in glendale - as of now only two new characters have been added to be allowed in hollywood from glendale: ',' ':' - these work good with and without quotes being used
2008-06-05Bug 3194 VPN: xml error in "show vpn ike" command outputMohit Mehta
- reallowing the use of '&' in pre-shared-secret to prevent migration issues this will need looking into the show command procedures
2008-05-14Bug 3194 VPN: xml error in "show vpn ike" command outputMohit Mehta
- looks like the '&' special character is causing this behavior - quick fix: disallowed use of '&' in pre-shared-secret for now
2008-05-24Fix 2043: enhancement - add ability to use a hostname instead of IP address ↵Stig Thormodsrud
fo VPN peer.
2008-04-10Fix Bug 3069 Help strings should be standardizedMohit Mehta
- help strings standardized in vyatta-cfg-vpn
2008-01-31convert templates to new syntaxAn-Cheng Huang
2008-01-17Add help completions for VPN configurationStig Thormodsrud
2007-12-31interoperate with remote access vpn (if available).An-Cheng Huang
2007-12-21remove unused template directoryAn-Cheng Huang
2007-12-20Fix for vpn cfg with non-root userid.Stig Thormodsrud
2007-12-19Port vpn cfg from fairfield to glendale.Stig Thormodsrud