vyatta-cfg-vpn (0.12.105+vyos2+lithium17) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: validate local address for vti based vpn connections -- Alex Harpin Sun, 28 Jun 2015 13:44:16 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium16) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: validate peer address for vti based vpn connections -- Alex Harpin Fri, 26 Jun 2015 07:51:33 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium15) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: formatting changes for style consistency * vyatta-cfg-vpn: further tidy up of vyatta-vti-config.pl * vyatta-cfg-vpn: vti interfaces remain link down after ipsec sa renewal -- Alex Harpin Thu, 18 Jun 2015 07:44:43 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium14) unstable; urgency=low * vyatta-cfg-vpn: update dh_gencontrol with new development build flag -- Alex Harpin Tue, 16 Jun 2015 19:35:00 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium13) unstable; urgency=low * Bug #504: add an option for pulling IPsec local id from the cert. -- Daniil Baturin Sun, 14 Jun 2015 01:53:07 +0200 vyatta-cfg-vpn (0.12.105+vyos2+lithium12) unstable; urgency=low * Bug #469: add options for AES-128/256-GCM mode. -- Daniil Baturin Mon, 04 May 2015 00:37:05 +0200 vyatta-cfg-vpn (0.12.105+vyos2+lithium11) unstable; urgency=low [ Kim Hagen ] * Move execution of nhrp script to "end" of ipsec config [ Alex Harpin ] -- Alex Harpin Thu, 02 Apr 2015 21:53:48 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium10) unstable; urgency=low [ Kim Hagen ] * Bug #367 - DMVPN Testing, but I do not see ESP traffic. [ Alex Harpin ] -- Alex Harpin Mon, 09 Feb 2015 22:23:51 +0000 vyatta-cfg-vpn (0.12.105+vyos2+lithium9) unstable; urgency=low * Remove @ from the id/remote-id help string. It was never required. -- Daniil Baturin Mon, 19 Jan 2015 13:01:38 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium8) unstable; urgency=low * Bug #348: remove unnecessary restrictions on the PSK format. -- Daniil Baturin Mon, 19 Jan 2015 12:40:01 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium7) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: update pre-shared secret key help for single quotes -- Alex Harpin Sat, 17 Jan 2015 19:00:11 +0000 vyatta-cfg-vpn (0.12.105+vyos2+lithium6) unstable; urgency=low * Update maintainer address -- Alex Harpin Fri, 26 Dec 2014 09:23:42 +0000 vyatta-cfg-vpn (0.12.105+vyos2+lithium5) unstable; urgency=low [ Jason Hendry ] * Exposing ikev2 reauth option in CLI, defaulting to 'no' * Fixing syntax error in vpn-config.pl, fixing allowed parameters in the per-tunnel ikev2-reauth node [ Daniil Baturin ] * Bug #414: quote the leftid value to avoid problems with non- alphanumeric characters. * Bug #415: use remote-id for peer ID unconditionally if it's set. -- Daniil Baturin Fri, 19 Dec 2014 21:40:28 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium4) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: remove the cfgvti helper program -- Alex Harpin Fri, 05 Dec 2014 07:53:03 +0000 vyatta-cfg-vpn (0.12.105+vyos2+lithium3) unstable; urgency=low [ Alex Harpin ] * vyatta-cfg-vpn: move scripts/vtiIntf.pm to lib/Vyatta/VPN/vtiIntf.pm * vyatta-cfg-vpn: update parseVtiTun to account for vti changes * vyatta-cfg-vpn: update vti creation in line with changes to strongswan * vyatta-cfg-vpn: reduce the vti mark base to prevent integer overflow * vyatta-cfg-vpn: formatting changes for style consistency -- Alex Harpin Fri, 05 Dec 2014 00:24:52 +0000 vyatta-cfg-vpn (0.12.105+vyos2+lithium2) unstable; urgency=low * Update changelog for the new branch. -- Daniil Baturin Wed, 29 Oct 2014 22:22:22 +0100 vyatta-cfg-vpn (0.12.105+vyos2+lithium1) unstable; urgency=low * new branch -- Daniil Baturin Wed, 29 Oct 2014 22:21:03 +0100 vyatta-cfg-vpn (0.12.105+vyos1+helium4) unstable; urgency=low * Remove the VTI script after use. -- Daniil Baturin Sun, 19 Oct 2014 18:01:23 +0200 vyatta-cfg-vpn (0.12.105+vyos1+helium3) unstable; urgency=low [ Kim Hagen ] * Rename vyatta-update-nhrp.pl to vyos-update-nhrp.pl and change options * Remove gre-multipoint reference [ Alex Harpin ] * vyatta-cfg-vpn: add libnfnetlink-dev to build dependencies * vyatta-cfg-vpn: updated the debian package maintainer address * vyatta-cfg-vpn: fix for vti interface going down remains routed * vyatta-cfg-vpn: rename vti-up-down.sh to vti-up-down * vyatta-cfg-vpn: formatting changes for style consistency * vyatta-cfg-vpn: prevent duplicate local rsa key includes [ Daniil Baturin ] -- Daniil Baturin Wed, 08 Oct 2014 16:34:06 +0200 vyatta-cfg-vpn (0.12.105+vyos1+helium2) unstable; urgency=low [ Daniil Baturin ] * Bug #183: Add up-client action to the interface up/down script. [ Jeff Leung ] * Adding initial support for IKEv2/IKEv1 Site-to-Site VPN's by adding the optional "vpn ipsec ike-group key-exchange" parameter. [ Ryan Riske ] * Add support for DH groups 14-26 * Bug 220: Add support for SHA2 hashes [ Jeff Leung ] * Remove automatic IKE version negoiation. [ Ryan Riske ] * Bug 197: Add back support for groups 22-24 for phase2 pfs [ Jeff Leung ] * Initial MOBIKE Configuration Support [ Ryan Riske ] * Bug 241: Use auto=route for connection-type respond. [ Daniil Baturin ] * Bug #224: rename "enabled|disabled" to "enable|disable" for consistency. -- Daniil Baturin Sun, 03 Aug 2014 12:52:48 +0200 vyatta-cfg-vpn (0.12.105+vyos1+helium1) unstable; urgency=low * New branch -- Daniil Baturin Sat, 15 Feb 2014 16:55:34 +0100 vyatta-cfg-vpn (0.12.105+hydrogen2) unstable; urgency=low [ Stig Thormodsrud ] * Move %any peers to the end in ipsec.secrets * Fix vpn ppp up script [ Daniil Baturin ] -- Daniil Baturin Wed, 29 Jan 2014 04:30:23 +0100 vyatta-cfg-vpn (0.12.105+hydrogen1) unstable; urgency=low * New branch -- Daniil Baturin Sun, 17 Nov 2013 00:17:23 +0100 vyatta-cfg-vpn (0.12.105+daisy6) unstable; urgency=low * perltidy run for vyatta-cfg-vpn -- Saurabh Mohan Tue, 19 Feb 2013 16:27:11 -0800 vyatta-cfg-vpn (0.12.105+daisy5) unstable; urgency=low * mGRE support for change of local-ip addr change. -- Saurabh Mohan Tue, 12 Feb 2013 16:12:16 -0800 vyatta-cfg-vpn (0.12.105+daisy4) unstable; urgency=low * Bug 8666: merged. -- Saurabh Mohan Tue, 05 Feb 2013 14:57:44 -0800 vyatta-cfg-vpn (0.12.105+daisy3) unstable; urgency=low * Dmvpn merge with mirantis jan22-2013 -- Saurabh Mohan Tue, 22 Jan 2013 12:31:45 -0800 vyatta-cfg-vpn (0.12.105+daisy2) unstable; urgency=low * DMVPN support with profiles. -- Saurabh Mohan Thu, 27 Dec 2012 16:49:19 -0800 vyatta-cfg-vpn (0.12.105+daisy1) unstable; urgency=low * create daisy branch -- John Southworth Sat, 13 Oct 2012 13:30:46 -0700 vyatta-cfg-vpn (0.12.105) unstable; urgency=low * new branch -- John Southworth Fri, 12 Oct 2012 19:47:01 -0700 vyatta-cfg-vpn (0.12.104) unstable; urgency=low [ Bharat ] * Bug 8200: Changed grep to not display shim6 [ bharat ] -- bharat Thu, 04 Oct 2012 11:57:22 -0700 vyatta-cfg-vpn (0.12.103) unstable; urgency=low * Bugfix 8358: Handle vti tunnel src, dst changing while the bind tunnel name stays the same. -- Saurabh Mohan Tue, 18 Sep 2012 12:51:32 -0700 vyatta-cfg-vpn (0.12.102) unstable; urgency=low * Bugfix 8289: Vti mark values should be implicit -- Saurabh Mohan Mon, 10 Sep 2012 14:21:31 -0700 vyatta-cfg-vpn (0.12.101) unstable; urgency=low * Bugfix 8277: For connection type respond do not attempt keying forever -- Saurabh Mohan Tue, 04 Sep 2012 10:35:12 -0700 vyatta-cfg-vpn (0.12.100) unstable; urgency=low * Update config version from 3 to 4. -- Daniil Baturin Thu, 23 Aug 2012 21:56:18 +0700 vyatta-cfg-vpn (0.12.99) unstable; urgency=low * Bugfix: 8276: Change htonl after parsing the input. -- Saurabh Mohan Mon, 13 Aug 2012 18:59:25 -0700 vyatta-cfg-vpn (0.12.98) unstable; urgency=low * Bugfix 8276: Vti not working on a 32-bit machine due to sign bit overload. -- Saurabh Mohan Mon, 13 Aug 2012 14:43:29 -0700 vyatta-cfg-vpn (0.12.97) unstable; urgency=low * Bugfix 8264: Check if the intf name is defined before using it in the script. -- Saurabh Mohan Thu, 09 Aug 2012 14:08:40 -0700 vyatta-cfg-vpn (0.12.96) unstable; urgency=low * Bugfix 8222: deletion and adding bind parameter under vti deletes vti interface in show interfaces output though vti configuration exists -- Saurabh Mohan Wed, 25 Jul 2012 14:54:38 -0700 vyatta-cfg-vpn (0.12.95) unstable; urgency=low * Workaround to setup vti ko and cleaner error message. -- Saurabh Mohan Mon, 16 Jul 2012 14:27:23 -0700 vyatta-cfg-vpn (0.12.94) unstable; urgency=low * Bugfix: 8015: supress perl warnings. -- Saurabh Mohan Mon, 18 Jun 2012 10:45:52 -0700 vyatta-cfg-vpn (0.12.93) unstable; urgency=low * VTI: Add support call for checking for vti interface name. -- Saurabh Mohan Mon, 11 Jun 2012 17:50:57 -0700 vyatta-cfg-vpn (0.12.92) unstable; urgency=low * VTI bring tunnel based on ipsec-sa state. -- Saurabh Mohan Mon, 04 Jun 2012 16:41:12 -0700 vyatta-cfg-vpn (0.12.91) unstable; urgency=low * Bugfix 8100: Be flexible in char accepted in id field. -- Saurabh Mohan Thu, 31 May 2012 18:40:43 -0700 vyatta-cfg-vpn (0.12.90) unstable; urgency=low * Default keyexchange ikev1. * VTI: cfg mark/bind change handlers. -- Saurabh Mohan Fri, 18 May 2012 14:51:58 -0700 vyatta-cfg-vpn (0.12.89) unstable; urgency=low * Vti config support. -- Saurabh Mohan Wed, 16 May 2012 17:46:40 -0700 vyatta-cfg-vpn (0.12.88) unstable; urgency=low * Add a script for validating single IPv4 or IPv6 address with no prefix * Rename local-ip option to local-address. * Add IPv6 address completion for peer. * Fix protocol help string capitalization. * Rename "local/remote subnet" to "local/remote prefix". * Add any special case for local-address instead of 0.0.0.0. * Add commit-time config validation. -- Daniil Baturin Thu, 29 Mar 2012 03:19:37 +0700 vyatta-cfg-vpn (0.12.87) unstable; urgency=low * new branch -- Deepti Kulkarni Sat, 03 Mar 2012 02:25:40 -0800 vyatta-cfg-vpn (0.12.86) unstable; urgency=low * Fix uninitilized bug -- John Southworth Wed, 29 Feb 2012 19:19:00 +0000 vyatta-cfg-vpn (0.12.85) unstable; urgency=low * Bugfix 6839: Warn that pre-shared key changes aren't loaded until a rekey interval -- John Southworth Tue, 28 Feb 2012 13:32:32 -0800 vyatta-cfg-vpn (0.12.84) unstable; urgency=low * Switched POSIX character classes to standard character classes representing the same data; removed unneeded '.' from regex; add similar regex to match remote-id -- John Southworth Mon, 19 Sep 2011 16:59:20 -0500 vyatta-cfg-vpn (0.12.83) unstable; urgency=low * Remove no longer mandatory nodes so that VPN will work smoothly with webgui2 -- John Southworth Mon, 11 Jul 2011 18:42:52 -0500 vyatta-cfg-vpn (0.12.82) unstable; urgency=low * new branch -- Deepti Kulkarni Thu, 07 Jul 2011 20:56:08 -0700 vyatta-cfg-vpn (0.12.81) unstable; urgency=low * Bugfix 6767: Move /tmp/ipsec.log to /var/log/vyatta and rotate it. -- Bob Gilligan Wed, 15 Jun 2011 18:29:05 -0700 vyatta-cfg-vpn (0.12.80) unstable; urgency=low * Bugfix 7145: same changes were needed for site-to-site as well -- John Southworth Wed, 08 Jun 2011 17:44:40 -0500 vyatta-cfg-vpn (0.12.79) unstable; urgency=low * add help and check for missed auth node so users put it in /config -- Mohit Mehta Fri, 15 Apr 2011 14:08:55 -0700 vyatta-cfg-vpn (0.12.78) unstable; urgency=low * * Add help and checks for IPsec x509 nodes to push -- Mohit Mehta Wed, 13 Apr 2011 18:09:27 -0700 vyatta-cfg-vpn (0.12.77) unstable; urgency=low * Bugfix 6972: Suppress messages from the ipsec dhcp script -- John Southworth Fri, 01 Apr 2011 17:14:16 -0500 vyatta-cfg-vpn (0.12.76) unstable; urgency=low * Fix perlcritic errors -- John Southworth Tue, 08 Mar 2011 16:53:29 -0600 vyatta-cfg-vpn (0.12.75) unstable; urgency=low * Much cleaner way to do the check to see if something has changed in the ipsec or rsa-key config tree. -- John Southworth Wed, 23 Feb 2011 18:36:02 -0600 vyatta-cfg-vpn (0.12.74) unstable; urgency=low * Don't make vpn-config.pl run if there were no relevant changes, before it ran everytime there was a change in pptp or l2tp configs as well. -- John Southworth Wed, 23 Feb 2011 18:05:47 -0600 vyatta-cfg-vpn (0.12.73) unstable; urgency=low * Add bond interfaces to available dhcp interfaces in tab completion * Make sure only interfaces with dhcp enabled are allowed as a dhcp- interface * Fix some dhcp config problems -- John Southworth Tue, 22 Feb 2011 19:58:49 -0600 vyatta-cfg-vpn (0.12.72) unstable; urgency=low * Fix minor x509 configuration error message problem * fix some node.def errors -- John Southworth Tue, 22 Feb 2011 17:54:18 -0600 vyatta-cfg-vpn (0.12.71) unstable; urgency=low * Fix the no old ip given from dhclient problem -- John Southworth Thu, 17 Feb 2011 18:28:49 -0600 vyatta-cfg-vpn (0.12.70) unstable; urgency=low * Log the change when this script is run -- John Southworth Thu, 17 Feb 2011 16:14:36 -0600 vyatta-cfg-vpn (0.12.69) unstable; urgency=low * Reread secrets before an update -- John Southworth Thu, 17 Feb 2011 15:41:28 -0600 vyatta-cfg-vpn (0.12.68) unstable; urgency=low * Fix initial boot problems for dhcp interfaces -- John Southworth Thu, 17 Feb 2011 13:32:48 -0600 vyatta-cfg-vpn (0.12.67) unstable; urgency=low * Added Placeholder for ipsec dhclient hook -- John Southworth Thu, 17 Feb 2011 11:57:42 -0600 vyatta-cfg-vpn (0.12.66) unstable; urgency=low * Initial support for configuring dhcp-interfaces for IPSEC, needs testing -- John Southworth Wed, 16 Feb 2011 19:16:41 -0600 vyatta-cfg-vpn (0.12.65) unstable; urgency=low * Add template for auto-update cli -- John Southworth Wed, 09 Feb 2011 13:45:44 -0600 vyatta-cfg-vpn (0.12.64) unstable; urgency=low * Initial x509 for site-to-site ipsec vpn -- John Southworth Tue, 08 Feb 2011 19:07:06 -0600 vyatta-cfg-vpn (0.12.63) unstable; urgency=low * Bugfix 5802: add auto-update feature, for Dynamic DNS peers -- John Southworth Mon, 07 Feb 2011 15:59:29 -0600 vyatta-cfg-vpn (0.12.62) unstable; urgency=low * change ipsec config version in Makefile as well -- Mohit Mehta Fri, 04 Feb 2011 18:34:18 -0800 vyatta-cfg-vpn (0.12.61) unstable; urgency=low * change ipsec config version * change ipsec config version -- John Southworth Fri, 04 Feb 2011 19:20:42 -0600 vyatta-cfg-vpn (0.12.60) unstable; urgency=low * Add the ability to define a default esp group for tunnels under a peer to use -- John Southworth Fri, 04 Feb 2011 17:48:59 -0600 vyatta-cfg-vpn (0.12.59) unstable; urgency=low * Move protocol out of local and remote nodes as it has to be the same -- John Southworth Fri, 04 Feb 2011 13:24:13 -0600 vyatta-cfg-vpn (0.12.58) unstable; urgency=low * Initial additions to support local and remote protoport in general instead of just for GRE -- John Southworth Thu, 03 Feb 2011 19:21:54 -0600 vyatta-cfg-vpn (0.12.57) unstable; urgency=low * Make vpn errors and exiting consistent -- John Southworth Mon, 31 Jan 2011 17:09:33 -0600 vyatta-cfg-vpn (0.12.56) unstable; urgency=low * Fix problem with multiple psk being generated per peer -- John Southworth Mon, 31 Jan 2011 13:28:52 -0600 vyatta-cfg-vpn (0.12.55) unstable; urgency=low * Bugfix: 5684, added quotes around rsa keys in ipsec.conf so that strongswan doesn't fail on == -- John Southworth Fri, 28 Jan 2011 16:38:54 -0600 vyatta-cfg-vpn (0.12.54) unstable; urgency=low * Bugfix: 5677 add protoport option for simpler GRE tunnels, for now this is specifically for GRE more protocols can be added in the future if required. -- John Southworth Wed, 26 Jan 2011 19:02:50 -0600 vyatta-cfg-vpn (0.12.53) unstable; urgency=low * Make VPN config die after the first error occurs instead of continuing to process the rest of the config -- John Southworth Wed, 26 Jan 2011 12:33:01 -0600 vyatta-cfg-vpn (0.12.52) unstable; urgency=low * Fixed node.def to adhere to CLI conventions -- John Southworth Wed, 26 Jan 2011 11:24:14 -0600 vyatta-cfg-vpn (0.12.51) unstable; urgency=low * Bug 2506: Moved the connection-type node to the peer level, as discussed with support. -- John Southworth Wed, 26 Jan 2011 11:02:54 -0600 vyatta-cfg-vpn (0.12.50) unstable; urgency=low * Bugfix 6068. This fixes the given perl problem, however there may be more that appear. We should die when an error is found and stop processing the file -- John Southworth Tue, 25 Jan 2011 18:42:07 -0600 vyatta-cfg-vpn (0.12.49) unstable; urgency=low * Bugfix 6229: don't allow local and remote subnets to be the same -- John Southworth Tue, 25 Jan 2011 18:21:22 -0600 vyatta-cfg-vpn (0.12.48) unstable; urgency=low * bugfix: 2506 added option to define initiatior or responder mode * bugfix: 2506 added option to define initiatior or responder mode -- John Southworth Tue, 25 Jan 2011 18:12:54 -0600 vyatta-cfg-vpn (0.12.47) unstable; urgency=low * fix conflict while merging * make adjustment so that op mode can deal with new secrets file format -- John Southworth Thu, 20 Jan 2011 19:41:18 -0600 vyatta-cfg-vpn (0.12.46) unstable; urgency=low * error location support changes to vpn (local-ip and auth missing only at this time). * more location based error support. -- Michael Larson Mon, 17 Jan 2011 12:11:55 -0800 vyatta-cfg-vpn (0.12.45) unstable; urgency=low * new branch -- An-Cheng Huang Tue, 28 Dec 2010 13:48:03 -0800 vyatta-cfg-vpn (0.12.44) unstable; urgency=low * remove deprecated linda override * Fix email address * Update list of created files in .gitignore -- Stephen Hemminger Fri, 26 Nov 2010 11:10:24 -0800 vyatta-cfg-vpn (0.12.43) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 02 Sep 2010 18:28:36 -0700 vyatta-cfg-vpn (0.12.42) unstable; urgency=low * remove low-level config dir usage -- An-Cheng Huang Tue, 17 Aug 2010 18:24:29 -0700 vyatta-cfg-vpn (0.12.41) unstable; urgency=low * update help text to use val_help -- An-Cheng Huang Tue, 17 Aug 2010 15:31:14 -0700 vyatta-cfg-vpn (0.12.40) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Thu, 22 Jul 2010 17:23:43 -0700 vyatta-cfg-vpn (0.12.39) unstable; urgency=low * remove unused options -- An-Cheng Huang Thu, 22 Jul 2010 11:32:45 -0700 vyatta-cfg-vpn (0.12.38) unstable; urgency=low * remove verb usage from begining of help strings -- Mohit Mehta Wed, 21 Jul 2010 18:37:19 -0700 vyatta-cfg-vpn (0.12.37) unstable; urgency=low * Fix Bug 5652 set ike/ipsec keying tries to forever -- Mohit Mehta Thu, 03 Jun 2010 16:36:11 -0700 vyatta-cfg-vpn (0.12.36) unstable; urgency=low * add passthrough connection if remote-subnet contains local-subnet -- Mohit Mehta Wed, 26 May 2010 20:15:16 -0700 vyatta-cfg-vpn (0.12.35) unstable; urgency=low * Fix Bug 5542 -- Mohit Mehta Mon, 19 Apr 2010 18:48:05 -0700 vyatta-cfg-vpn (0.12.34) unstable; urgency=low * Fix Bug 5500 Unable to establish a VPN connection from a remote peer with a -- Mohit Mehta Wed, 31 Mar 2010 15:36:41 -0700 vyatta-cfg-vpn (0.12.33) unstable; urgency=low * Replace old form (expression) in end: tag * Fix perl critic warnings -- Stephen Hemminger Tue, 30 Mar 2010 08:33:14 -0700 vyatta-cfg-vpn (0.12.32) unstable; urgency=low * Fix Bug 5087 add support to specify PFS group when PFS is enabled -- Mohit Mehta Thu, 18 Mar 2010 14:56:04 -0700 vyatta-cfg-vpn (0.12.31) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Wed, 17 Feb 2010 16:13:41 -0800 vyatta-cfg-vpn (0.12.30) unstable; urgency=low * 1. use correct notation to represent private,public networks -- Mohit Mehta Fri, 05 Feb 2010 19:06:12 -0800 vyatta-cfg-vpn (0.12.29) unstable; urgency=low * Fix Bug 1832 VPN copy-tos Disabling copy-tos field doesn't work -- Mohit Mehta Sat, 30 Jan 2010 13:45:09 -0800 vyatta-cfg-vpn (0.12.28) unstable; urgency=low * remove dead code. we use 'ipsec update' to update changes to connections now * perltidy vpn-config.pl -- Mohit Mehta Thu, 28 Jan 2010 15:46:23 -0800 vyatta-cfg-vpn (0.12.27) unstable; urgency=low * add back CLI node for disabling uniqreqid -- Mohit Mehta Mon, 25 Jan 2010 14:35:18 -0800 vyatta-cfg-vpn (0.12.26) unstable; urgency=low * bump up ipsec version -- Mohit Mehta Thu, 14 Jan 2010 12:06:23 -0800 vyatta-cfg-vpn (0.12.25) unstable; urgency=low * vyatta-cfg-vpn depends on vyatta-ipsec provided by vyatta-strongswan * First pass code changes to vyatta-cfg-vpn for migration to strongswan : * no need to maintain state of connections and take state-specific actions for * add comment to identify end of connection description * * remove extraneous unused code * Do not start IKEv2 daemon for now * use leftsourceip to add route to remote subnet -- Mohit Mehta Tue, 12 Jan 2010 17:20:05 -0800 vyatta-cfg-vpn (0.12.24) unstable; urgency=low * skipping used tags -- Mohit Mehta Wed, 02 Dec 2009 10:57:39 -0800 vyatta-cfg-vpn (0.12.22) unstable; urgency=low * added required keyword to help text. -- Michael Larson Mon, 30 Nov 2009 16:45:35 -0800 vyatta-cfg-vpn (0.12.21) unstable; urgency=low * pptp config check not needed when vpn ipsec is configured * 0.12.19 -- Mohit Mehta Wed, 25 Nov 2009 16:05:50 -0800 vyatta-cfg-vpn (0.12.19) unstable; urgency=low * pptp config check not needed when vpn ipsec is configured -- Mohit Mehta Wed, 25 Nov 2009 15:59:16 -0800 vyatta-cfg-vpn (0.12.18) unstable; urgency=low * dependency update -- Michael Larson Fri, 13 Nov 2009 14:13:54 -0800 vyatta-cfg-vpn (0.12.17) unstable; urgency=low * use vyatta openswan -- An-Cheng Huang Fri, 06 Nov 2009 15:05:37 -0800 vyatta-cfg-vpn (0.12.16) unstable; urgency=low [ Robert Bays ] * add support for same reqids to openswan cfg [ Mohit Mehta ] * indent and reformat script using perltidy in hope of making it easier to read * more formatting clean-up -- Mohit Mehta Mon, 02 Nov 2009 16:29:01 -0800 vyatta-cfg-vpn (0.12.15) unstable; urgency=low * add priority to project node. -- slioch Tue, 20 Oct 2009 16:21:00 -0700 vyatta-cfg-vpn (0.12.14) unstable; urgency=low * add allowed values for ike, esp groups -- Mohit Mehta Fri, 09 Oct 2009 18:36:18 -0700 vyatta-cfg-vpn (0.12.13) unstable; urgency=low * Fix Bug 3011 Remote VPN configuration issues site-to-site warning -- Mohit Mehta Tue, 06 Oct 2009 16:27:25 -0700 vyatta-cfg-vpn (0.12.12) unstable; urgency=low * Fix 4902: setting ipsec site-to-site tunnel with authentication id <> and local-ip 0.0.0.0 got "no connection named <>" -- Stig Thormodsrud Fri, 04 Sep 2009 17:16:42 -0700 vyatta-cfg-vpn (0.12.11) unstable; urgency=low * add enable node below tunnel with default flag = true * convert enable to disable node for vpn tunnel * added support in configuration script to support tunnel disable node. * manage state of add|delete|restart on connections for vpn given disable node. -- slioch Thu, 27 Aug 2009 14:36:04 -0700 vyatta-cfg-vpn (0.12.10) unstable; urgency=low * added description field to site-to-site peer. -- slioch Thu, 13 Aug 2009 09:24:10 -0700 vyatta-cfg-vpn (0.12.9) unstable; urgency=low * Fix 4623: Removing IPSEC VPN config without removing cluster ipsec config drops all interfaces. -- Stig Thormodsrud Fri, 10 Jul 2009 14:13:06 -0700 vyatta-cfg-vpn (0.12.8) unstable; urgency=low * UNRELEASED -- An-Cheng Huang Fri, 29 May 2009 18:35:35 -0700 vyatta-cfg-vpn (0.12.7) unstable; urgency=low * Fix 3836: Allow VPN authentication ID to accept values of IP address, domain name and "" enclosed phrases -- Stig Thormodsrud Tue, 26 May 2009 18:51:05 -0700 vyatta-cfg-vpn (0.12.6) unstable; urgency=low * Bugfix 3284: Allow commit to succeed if local-ip is not configured. -- Bob Gilligan Wed, 08 Apr 2009 18:04:59 -0700 vyatta-cfg-vpn (0.12.5) unstable; urgency=low * Bugfix 2387: Don't list interfaces in ipsec config file. -- Bob Gilligan Mon, 06 Apr 2009 16:43:15 -0700 vyatta-cfg-vpn (0.12.4) unstable; urgency=low * Change "ipsec-interfaces" to use vyatta-interfaces.pl for allowed tag. -- Stig Thormodsrud Thu, 26 Mar 2009 12:29:06 -0700 vyatta-cfg-vpn (0.12.3) unstable; urgency=low * Fix 4219: IPsec VPN does not launch on boot, error "The local-ip address X.X.X.X of peer "X.X.X.X" has not been configured in any of the local. -- Stig Thormodsrud Mon, 16 Mar 2009 20:57:23 -0700 vyatta-cfg-vpn (0.12.2) unstable; urgency=low * Remove perlcritic warnings * Fix use of unitialized value * Fix ambiguous use of $log -- Stephen Hemminger Thu, 12 Feb 2009 14:22:11 -0800 vyatta-cfg-vpn (0.12.1) unstable; urgency=low [ An-Cheng Huang ] * add support for development build [ Stephen Hemminger ] * Rename VyattaVPNUtil to Vyatta::VPNUtil * Convert to Vyatta:: hierarchy [ An-Cheng Huang ] * update maintainer information * "files" file should be removed before package build -- An-Cheng Huang Thu, 08 Jan 2009 09:26:01 -0800 vyatta-cfg-vpn (0.12) unstable; urgency=low 3.2.0 [ Mark O'Brien ] [ Mohit Mehta ] * allow '+' as a valid character in pre-shared-secret [ Stig Thormodsrud ] * Remove unused rsa keys. [ Mohit Mehta ] * Part of fix for bug 3762 Update help and error strings for vpn pre- shared secret value [ Mark O'Brien ] -- Mark O'Brien Tue, 25 Nov 2008 19:09:27 -0800 vyatta-cfg-vpn (0.11) unstable; urgency=low 3.1.2 [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix 3300: VPN over PPPOE completely fails on reboot [ An-Cheng Huang ] * fix for bug 3044: hide perl error messages * add config version file * fix for bugs 3044, 3047, and 3048: support ipsec road warriors. [ Mark O'Brien ] -- Mark O'Brien Wed, 23 Jul 2008 21:35:55 -0700 vyatta-cfg-vpn (0.10) unstable; urgency=low 3.1.0 [ Mark O'Brien ] [ Mohit Mehta ] * - disallowing use of special characters ';' and '?' in pre-shared- secret as they were not in glendale * Bug 3194 VPN: xml error in "show vpn ike" command output * Bug 3194 VPN: xml error in "show vpn ike" command output [ Stig Thormodsrud ] * Fix 2043: enhancement - add ability to use a hostname instead of IP address fo VPN peer. [ rbalocca ] * Ignore derived files [ Stig Thormodsrud ] * Fix 3182: VPN should not be started at boot unless configured. [ rbalocca ] * Don't include empty dir in the debian package * Convert to our method of changelog creation [ Mohit Mehta ] * Fix Bug 3069 Help strings should be standardized [ Mark O'Brien ] -- Mark O'Brien Tue, 17 Jun 2008 09:26:29 -0700 vyatta-cfg-vpn (0.9) unstable; urgency=low 3.0.5 -- Mark O'Brien Tue, 06 May 2008 12:43:17 -0700 vyatta-cfg-vpn (0.8) unstable; urgency=low 3.0.4 -- Mark O'Brien Mon, 05 May 2008 16:40:37 -0700 vyatta-cfg-vpn (0.7) unstable; urgency=low 3.0.3 [ Mark O'Brien ] [ rbalocca ] * Indicate the VC4.0.2 release candidate in the changelog [ Mark O'Brien ] -- Mark O'Brien Tue, 29 Apr 2008 16:42:18 -0700 vyatta-cfg-vpn (0.6) unstable; urgency=low VC4.0.2 -- Mark O'Brien Sat, 19 Apr 2008 11:56:04 -0700 vyatta-cfg-vpn (0.5) unstable; urgency=low VC4.0.2 release candidate [ Mark O'Brien ] [ Stig Thormodsrud ] * Fix 3046: vpn: transport mode not working with current vyatta config [ Mark O'Brien ] -- Mark O'Brien Wed, 16 Apr 2008 09:50:06 -0700 vyatta-cfg-vpn (0.4) unstable; urgency=low 3.0.2 [ Mark O'Brien ] * 3.0.1 [ rbalocca ] * Fix debian dependencies * Set dependencies on either bash or vyatta-bash [ Mark O'Brien ] -- Mark O'Brien Fri, 04 Apr 2008 18:00:37 -0700 vyatta-cfg-vpn (0.3) unstable; urgency=low VC4.0.1 [ Mark O'Brien ] [ Stephen Hemminger ] * Replace VPL with GPLv2 * Convert from VPL 1.0 to GPLv2 [ Mark O'Brien ] -- Mark O'Brien Tue, 18 Mar 2008 19:04:00 -0700 vyatta-cfg-vpn (0.2) unstable; urgency=low vc4.0.0 [ Mark O'Brien ] [ An-Cheng Huang ] * convert templates to new syntax [ Marat Nepomnyashy ] * Treat ipsec return code 26624 as normal when bringing up a connection, but treat all other error codes as errors. Bug 2671 fix. Also added settings 'nhelpers=5' to mitigate Openswan Bug 412 and 'plutowait=yes' to mitigate Openswan Bug 198. * Check for the case when authentication mode is not specified to prevent Perl uninitialized value error. Bug 2772 fix. [ Stig Thormodsrud ] * Fix 2838 Clearing VPN process starts VPN, even if not configured [ Mark O'Brien ] -- Mark O'Brien Mon, 25 Feb 2008 17:38:42 -0800 vyatta-cfg-vpn (0.1) unstable; urgency=low * Initial Release. -- Stig Thormodsrud Wed, 19 Dec 2007 14:09:00 -0700