vyatta-cfg-vpn (0.12.64) unstable; urgency=low * Initial x509 for site-to-site ipsec vpn -- John Southworth Tue, 08 Feb 2011 19:07:06 -0600 vyatta-cfg-vpn (0.12.63) unstable; urgency=low * Bugfix 5802: add auto-update feature, for Dynamic DNS peers -- John Southworth Mon, 07 Feb 2011 15:59:29 -0600 vyatta-cfg-vpn (0.12.62) unstable; urgency=low * change ipsec config version in Makefile as well -- Mohit Mehta Fri, 04 Feb 2011 18:34:18 -0800 vyatta-cfg-vpn (0.12.61) unstable; urgency=low * change ipsec config version * change ipsec config version -- John Southworth Fri, 04 Feb 2011 19:20:42 -0600 vyatta-cfg-vpn (0.12.60) unstable; urgency=low * Add the ability to define a default esp group for tunnels under a peer to use -- John Southworth Fri, 04 Feb 2011 17:48:59 -0600 vyatta-cfg-vpn (0.12.59) unstable; urgency=low * Move protocol out of local and remote nodes as it has to be the same -- John Southworth Fri, 04 Feb 2011 13:24:13 -0600 vyatta-cfg-vpn (0.12.58) unstable; urgency=low * Initial additions to support local and remote protoport in general instead of just for GRE -- John Southworth Thu, 03 Feb 2011 19:21:54 -0600 vyatta-cfg-vpn (0.12.57) unstable; urgency=low * Make vpn errors and exiting consistent -- John Southworth Mon, 31 Jan 2011 17:09:33 -0600 vyatta-cfg-vpn (0.12.56) unstable; urgency=low * Fix problem with multiple psk being generated per peer -- John Southworth Mon, 31 Jan 2011 13:28:52 -0600 vyatta-cfg-vpn (0.12.55) unstable; urgency=low * Bugfix: 5684, added quotes around rsa keys in ipsec.conf so that strongswan doesn't fail on == -- John Southworth Fri, 28 Jan 2011 16:38:54 -0600 vyatta-cfg-vpn (0.12.54) unstable; urgency=low * Bugfix: 5677 add protoport option for simpler GRE tunnels, for now this is specifically for GRE more protocols can be added in the future if required. -- John Southworth Wed, 26 Jan 2011 19:02:50 -0600 vyatta-cfg-vpn (0.12.53) unstable; urgency=low * Make VPN config die after the first error occurs instead of continuing to process the rest of the config -- John Southworth Wed, 26 Jan 2011 12:33:01 -0600 vyatta-cfg-vpn (0.12.52) unstable; urgency=low * Fixed node.def to adhere to CLI conventions -- John Southworth Wed, 26 Jan 2011 11:24:14 -0600 vyatta-cfg-vpn (0.12.51) unstable; urgency=low * Bug 2506: Moved the connection-type node to the peer level, as discussed with support. -- John Southworth Wed, 26 Jan 2011 11:02:54 -0600 vyatta-cfg-vpn (0.12.50) unstable; urgency=low * Bugfix 6068. This fixes the given perl problem, however there may be more that appear. We should die when an error is found and stop processing the file -- John Southworth Tue, 25 Jan 2011 18:42:07 -0600 vyatta-cfg-vpn (0.12.49) unstable; urgency=low * Bugfix 6229: don't allow local and remote subnets to be the same -- John Southworth Tue, 25 Jan 2011 18:21:22 -0600 vyatta-cfg-vpn (0.12.48) unstable; urgency=low * bugfix: 2506 added option to define initiatior or responder mode * bugfix: 2506 added option to define initiatior or responder mode -- John Southworth Tue, 25 Jan 2011 18:12:54 -0600 vyatta-cfg-vpn (0.12.47) unstable; urgency=low * fix conflict while merging * make adjustment so that op mode can deal with new secrets file format -- John Southworth Thu, 20 Jan 2011 19:41:18 -0600 vyatta-cfg-vpn (0.12.46) unstable; urgency=low * error location support changes to vpn (local-ip and auth missing only at this time). * more location based error support. -- Michael Larson Mon, 17 Jan 2011 12:11:55 -0800 vyatta-cfg-vpn (0.12.45) unstable; urgency=low * new branch -- An-Cheng Huang Tue, 28 Dec 2010 13:48:03 -0800 vyatta-cfg-vpn (0.12.44) unstable; urgency=low * remove deprecated linda override * Fix email address * Update list of created files in .gitignore -- Stephen Hemminger Fri, 26 Nov 2010 11:10:24 -0800 vyatta-cfg-vpn (0.12.43) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 02 Sep 2010 18:28:36 -0700 vyatta-cfg-vpn (0.12.42) unstable; urgency=low * remove low-level config dir usage -- An-Cheng Huang Tue, 17 Aug 2010 18:24:29 -0700 vyatta-cfg-vpn (0.12.41) unstable; urgency=low * update help text to use val_help -- An-Cheng Huang Tue, 17 Aug 2010 15:31:14 -0700 vyatta-cfg-vpn (0.12.40) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 22 Jul 2010 17:23:43 -0700 vyatta-cfg-vpn (0.12.39) unstable; urgency=low * remove unused options -- An-Cheng Huang Thu, 22 Jul 2010 11:32:45 -0700 vyatta-cfg-vpn (0.12.38) unstable; urgency=low * remove verb usage from begining of help strings -- Mohit Mehta Wed, 21 Jul 2010 18:37:19 -0700 vyatta-cfg-vpn (0.12.37) unstable; urgency=low * Fix Bug 5652 set ike/ipsec keying tries to forever -- Mohit Mehta Thu, 03 Jun 2010 16:36:11 -0700 vyatta-cfg-vpn (0.12.36) unstable; urgency=low * add passthrough connection if remote-subnet contains local-subnet -- Mohit Mehta Wed, 26 May 2010 20:15:16 -0700 vyatta-cfg-vpn (0.12.35) unstable; urgency=low * Fix Bug 5542 -- Mohit Mehta Mon, 19 Apr 2010 18:48:05 -0700 vyatta-cfg-vpn (0.12.34) unstable; urgency=low * Fix Bug 5500 Unable to establish a VPN connection from a remote peer with a -- Mohit Mehta Wed, 31 Mar 2010 15:36:41 -0700 vyatta-cfg-vpn (0.12.33) unstable; urgency=low * Replace old form (expression) in end: tag * Fix perl critic warnings -- Stephen Hemminger Tue, 30 Mar 2010 08:33:14 -0700 vyatta-cfg-vpn (0.12.32) unstable; urgency=low * Fix Bug 5087 add support to specify PFS group when PFS is enabled -- Mohit Mehta Thu, 18 Mar 2010 14:56:04 -0700 vyatta-cfg-vpn (0.12.31) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Wed, 17 Feb 2010 16:13:41 -0800 vyatta-cfg-vpn (0.12.30) unstable; urgency=low * 1. use correct notation to represent private,public networks -- Mohit Mehta Fri, 05 Feb 2010 19:06:12 -0800 vyatta-cfg-vpn (0.12.29) unstable; urgency=low * Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't work -- Mohit Mehta Sat, 30 Jan 2010 13:45:09 -0800 vyatta-cfg-vpn (0.12.28) unstable; urgency=low * remove dead code. we use 'ipsec update' to update changes to connections now * perltidy vpn-config.pl -- Mohit Mehta Thu, 28 Jan 2010 15:46:23 -0800 vyatta-cfg-vpn (0.12.27) unstable; urgency=low * add back CLI node for disabling uniqreqid -- Mohit Mehta Mon, 25 Jan 2010 14:35:18 -0800 vyatta-cfg-vpn (0.12.26) unstable; urgency=low * bump up ipsec version -- Mohit Mehta Thu, 14 Jan 2010 12:06:23 -0800 vyatta-cfg-vpn (0.12.25) unstable; urgency=low * vyatta-cfg-vpn depends on vyatta-ipsec provided by vyatta-strongswan * First pass code changes to vyatta-cfg-vpn for migration to strongswan : * no need to maintain state of connections and take state-specific actions for * add comment to identify end of connection description * * remove extraneous unused code * Do not start IKEv2 daemon for now * use leftsourceip to add route to remote subnet -- Mohit Mehta Tue, 12 Jan 2010 17:20:05 -0800 vyatta-cfg-vpn (0.12.24) unstable; urgency=low * skipping used tags -- Mohit Mehta Wed, 02 Dec 2009 10:57:39 -0800 vyatta-cfg-vpn (0.12.22) unstable; urgency=low * added required keyword to help text. -- Michael Larson Mon, 30 Nov 2009 16:45:35 -0800 vyatta-cfg-vpn (0.12.21) unstable; urgency=low * pptp config check not needed when vpn ipsec is configured * 0.12.19 -- Mohit Mehta Wed, 25 Nov 2009 16:05:50 -0800 vyatta-cfg-vpn (0.12.19) unstable; urgency=low * pptp config check not needed when vpn ipsec is configured -- Mohit Mehta Wed, 25 Nov 2009 15:59:16 -0800 vyatta-cfg-vpn (0.12.18) unstable; urgency=low * dependency update -- Michael Larson Fri, 13 Nov 2009 14:13:54 -0800 vyatta-cfg-vpn (0.12.17) unstable; urgency=low * use vyatta openswan -- An-Cheng Huang Fri, 06 Nov 2009 15:05:37 -0800 vyatta-cfg-vpn (0.12.16) unstable; urgency=low [ Robert Bays ] * add support for same reqids to openswan cfg [ Mohit Mehta ] * indent and reformat script using perltidy in hope of making it easier to read * more formatting clean-up -- Mohit Mehta Mon, 02 Nov 2009 16:29:01 -0800 vyatta-cfg-vpn (0.12.15) unstable; urgency=low * add priority to project node. -- slioch Tue, 20 Oct 2009 16:21:00 -0700 vyatta-cfg-vpn (0.12.14) unstable; urgency=low * add allowed values for ike, esp groups -- Mohit Mehta Fri, 09 Oct 2009 18:36:18 -0700 vyatta-cfg-vpn (0.12.13) unstable; urgency=low * Fix Bug 3011 Remote VPN configuration issues site-to-site warning -- Mohit Mehta Tue, 06 Oct 2009 16:27:25 -0700 vyatta-cfg-vpn (0.12.12) unstable; urgency=low * Fix 4902: setting ipsec site-to-site tunnel with authentication id <> and local-ip 0.0.0.0 got "no connection named <>" -- Stig Thormodsrud Fri, 04 Sep 2009 17:16:42 -0700 vyatta-cfg-vpn (0.12.11) unstable; urgency=low * add enable node below tunnel with default flag = true * convert enable to disable node for vpn tunnel * added support in configuration script to support tunnel disable node. * manage state of add|delete|restart on connections for vpn given disable node. -- slioch Thu, 27 Aug 2009 14:36:04 -0700 vyatta-cfg-vpn (0.12.10) unstable; urgency=low * added description field to site-to-site peer. -- slioch Thu, 13 Aug 2009 09:24:10 -0700 vyatta-cfg-vpn (0.12.9) unstable; urgency=low * Fix 4623: Removing IPSEC VPN config without removing cluster ipsec config drops all interfaces. -- Stig Thormodsrud Fri, 10 Jul 2009 14:13:06 -0700 vyatta-cfg-vpn (0.12.8) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Fri, 29 May 2009 18:35:35 -0700 vyatta-cfg-vpn (0.12.7) unstable; urgency=low * Fix 3836: Allow VPN authentication ID to accept values of IP address, domain name and "" enclosed phrases -- Stig Thormodsrud Tue, 26 May 2009 18:51:05 -0700 vyatta-cfg-vpn (0.12.6) unstable; urgency=low * Bugfix 3284: Allow commit to succeed if local-ip is not configured. -- Bob Gilligan Wed, 08 Apr 2009 18:04:59 -0700 vyatta-cfg-vpn (0.12.5) unstable; urgency=low * Bugfix 2387: Don't list interfaces in ipsec config file. -- Bob Gilligan Mon, 06 Apr 2009 16:43:15 -0700 vyatta-cfg-vpn (0.12.4) unstable; urgency=low * Change "ipsec-interfaces" to use vyatta-interfaces.pl for allowed tag. -- Stig Thormodsrud Thu, 26 Mar 2009 12:29:06 -0700 vyatta-cfg-vpn (0.12.3) unstable; urgency=low * Fix 4219: IPsec VPN does not launch on boot, error "The local-ip address X.X.X.X of peer "X.X.X.X" has not been configured in any of the local. -- Stig Thormodsrud Mon, 16 Mar 2009 20:57:23 -0700 vyatta-cfg-vpn (0.12.2) unstable; urgency=low * Remove perlcritic warnings * Fix use of unitialized value * Fix ambiguous use of $log -- Stephen Hemminger Thu, 12 Feb 2009 14:22:11 -0800 vyatta-cfg-vpn (0.12.1) unstable; urgency=low [ An-Cheng Huang ] * add support for development build [ Stephen Hemminger ] * Rename VyattaVPNUtil to Vyatta::VPNUtil * Convert to Vyatta:: hierarchy [ An-Cheng Huang ] * update maintainer information * "files" file should be removed before package build -- An-Cheng Huang Thu, 08 Jan 2009 09:26:01 -0800 vyatta-cfg-vpn (0.12) unstable; urgency=low 3.2.0 [ Mark O'Brien ] [ Mohit Mehta ] * allow '+' as a valid character in pre-shared-secret [ Stig Thormodsrud ] * Remove unused rsa keys. [ Mohit Mehta ] * Part of fix for bug 3762 Update help and error strings for vpn pre- shared secret value [ Mark O'Brien ] -- Mark O'Brien Tue, 25 Nov 2008 19:09:27 -0800 vyatta-cfg-vpn (0.11) unstable; urgency=low 3.1.2 [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix 3300: VPN over PPPOE completely fails on reboot [ An-Cheng Huang ] * fix for bug 3044: hide perl error messages * add config version file * fix for bugs 3044, 3047, and 3048: support ipsec road warriors. [ Mark O'Brien ] -- Mark O'Brien Wed, 23 Jul 2008 21:35:55 -0700 vyatta-cfg-vpn (0.10) unstable; urgency=low 3.1.0 [ Mark O'Brien ] [ Mohit Mehta ] * - disallowing use of special characters ';' and '?' in pre-shared- secret as they were not in glendale * Bug 3194 VPN: xml error in "show vpn ike" command output * Bug 3194 VPN: xml error in "show vpn ike" command output [ Stig Thormodsrud ] * Fix 2043: enhancement - add ability to use a hostname instead of IP address fo VPN peer. [ rbalocca ] * Ignore derived files [ Stig Thormodsrud ] * Fix 3182: VPN should not be started at boot unless configured. [ rbalocca ] * Don't include empty dir in the debian package * Convert to our method of changelog creation [ Mohit Mehta ] * Fix Bug 3069 Help strings should be standardized [ Mark O'Brien ] -- Mark O'Brien Tue, 17 Jun 2008 09:26:29 -0700 vyatta-cfg-vpn (0.9) unstable; urgency=low 3.0.5 -- Mark O'Brien Tue, 06 May 2008 12:43:17 -0700 vyatta-cfg-vpn (0.8) unstable; urgency=low 3.0.4 -- Mark O'Brien Mon, 05 May 2008 16:40:37 -0700 vyatta-cfg-vpn (0.7) unstable; urgency=low 3.0.3 [ Mark O'Brien ] [ rbalocca ] * Indicate the VC4.0.2 release candidate in the changelog [ Mark O'Brien ] -- Mark O'Brien Tue, 29 Apr 2008 16:42:18 -0700 vyatta-cfg-vpn (0.6) unstable; urgency=low VC4.0.2 -- Mark O'Brien Sat, 19 Apr 2008 11:56:04 -0700 vyatta-cfg-vpn (0.5) unstable; urgency=low VC4.0.2 release candidate [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix 3046: vpn: transport mode not working with current vyatta config [ Mark O'Brien ] -- Mark O'Brien Wed, 16 Apr 2008 09:50:06 -0700 vyatta-cfg-vpn (0.4) unstable; urgency=low 3.0.2 [ Mark O'Brien ] * 3.0.1 [ rbalocca ] * Fix debian dependencies * Set dependencies on either bash or vyatta-bash [ Mark O'Brien ] -- Mark O'Brien Fri, 04 Apr 2008 18:00:37 -0700 vyatta-cfg-vpn (0.3) unstable; urgency=low VC4.0.1 [ Mark O'Brien ] [ Stephen Hemminger ] * Replace VPL with GPLv2 * Convert from VPL 1.0 to GPLv2 [ Mark O'Brien ] -- Mark O'Brien Tue, 18 Mar 2008 19:04:00 -0700 vyatta-cfg-vpn (0.2) unstable; urgency=low vc4.0.0 [ Mark O'Brien ] [ An-Cheng Huang ] * convert templates to new syntax [ Marat Nepomnyashy ] * Treat ipsec return code 26624 as normal when bringing up a connection, but treat all other error codes as errors. Bug 2671 fix. Also added settings 'nhelpers=5' to mitigate Openswan Bug 412 and 'plutowait=yes' to mitigate Openswan Bug 198. * Check for the case when authentication mode is not specified to prevent Perl uninitialized value error. Bug 2772 fix. [ Stig Thormodsrud ] * Fix 2838 Clearing VPN process starts VPN, even if not configured [ Mark O'Brien ] -- Mark O'Brien Mon, 25 Feb 2008 17:38:42 -0800 vyatta-cfg-vpn (0.1) unstable; urgency=low * Initial Release. -- Stig Thormodsrud Wed, 19 Dec 2007 14:09:00 -0700