diff options
| author | Christian Poessinger <christian@poessinger.com> | 2021-07-03 15:42:03 +0200 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2021-07-03 15:42:03 +0200 |
| commit | dcfeb0de0a510d00c37101da50205b51dd464d72 (patch) | |
| tree | 4352ed737a931a3d6fbbfb6ecd99cfb84f34661f /interface-definitions/vpn_ipsec.xml.in | |
| parent | 13924804aafa9a43b4a300fb9afbdf29b69603fb (diff) | |
| parent | 1e74c0df2179c60036e440e15ed9036163039b2a (diff) | |
| download | vyos-1x-dcfeb0de0a510d00c37101da50205b51dd464d72.tar.gz vyos-1x-dcfeb0de0a510d00c37101da50205b51dd464d72.zip | |
Merge branch 'ipsec-ikev2-remote-access' of github.com:c-po/vyos-1x into current
* 'ipsec-ikev2-remote-access' of github.com:c-po/vyos-1x:
ipsec: T2816: remove default values from Jinja2 template and place them in XML
ipsec: T2816: rework IKE and ESP key assignment
ipsec: T2816: add Jinja2 converter for ESP/IKE groups to string
ipsec: T2816: adjust Jinja2 template to coding style
xml: provide building block for a generic description node
Diffstat (limited to 'interface-definitions/vpn_ipsec.xml.in')
| -rw-r--r-- | interface-definitions/vpn_ipsec.xml.in | 59 |
1 files changed, 29 insertions, 30 deletions
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 7b1b3a595..a2e9a7a5a 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -64,6 +64,7 @@ <validator name="numeric" argument="--range 30-86400"/> </constraint> </properties> + <defaultValue>3600</defaultValue> </leafNode> <leafNode name="mode"> <properties> @@ -83,6 +84,7 @@ <regex>^(tunnel|transport)$</regex> </constraint> </properties> + <defaultValue>tunnel</defaultValue> </leafNode> <leafNode name="pfs"> <properties> @@ -92,95 +94,95 @@ </completionHelp> <valueHelp> <format>enable</format> - <description>Enable PFS. Use ike-groups dh-group (default)</description> + <description>Use Diffie-Hellman group 2 (modp1024) - default</description> </valueHelp> <valueHelp> <format>dh-group1</format> - <description>Enable PFS. Use Diffie-Hellman group 1 (modp768)</description> + <description>Use Diffie-Hellman group 1 (modp768)</description> </valueHelp> <valueHelp> <format>dh-group2</format> - <description>Enable PFS. Use Diffie-Hellman group 2 (modp1024)</description> + <description>Use Diffie-Hellman group 2 (modp1024)</description> </valueHelp> <valueHelp> <format>dh-group5</format> - <description>Enable PFS. Use Diffie-Hellman group 5 (modp1536)</description> + <description>Use Diffie-Hellman group 5 (modp1536)</description> </valueHelp> <valueHelp> <format>dh-group14</format> - <description>Enable PFS. Use Diffie-Hellman group 14 (modp2048)</description> + <description>Use Diffie-Hellman group 14 (modp2048)</description> </valueHelp> <valueHelp> <format>dh-group15</format> - <description>Enable PFS. Use Diffie-Hellman group 15 (modp3072)</description> + <description>Use Diffie-Hellman group 15 (modp3072)</description> </valueHelp> <valueHelp> <format>dh-group16</format> - <description>Enable PFS. Use Diffie-Hellman group 16 (modp4096)</description> + <description>Use Diffie-Hellman group 16 (modp4096)</description> </valueHelp> <valueHelp> <format>dh-group17</format> - <description>Enable PFS. Use Diffie-Hellman group 17 (modp6144)</description> + <description>Use Diffie-Hellman group 17 (modp6144)</description> </valueHelp> <valueHelp> <format>dh-group18</format> - <description>Enable PFS. Use Diffie-Hellman group 18 (modp8192)</description> + <description>Use Diffie-Hellman group 18 (modp8192)</description> </valueHelp> <valueHelp> <format>dh-group19</format> - <description>Enable PFS. Use Diffie-Hellman group 19 (ecp256)</description> + <description>Use Diffie-Hellman group 19 (ecp256)</description> </valueHelp> <valueHelp> <format>dh-group20</format> - <description>Enable PFS. Use Diffie-Hellman group 20 (ecp384)</description> + <description>Use Diffie-Hellman group 20 (ecp384)</description> </valueHelp> <valueHelp> <format>dh-group21</format> - <description>Enable PFS. Use Diffie-Hellman group 21 (ecp521)</description> + <description>Use Diffie-Hellman group 21 (ecp521)</description> </valueHelp> <valueHelp> <format>dh-group22</format> - <description>Enable PFS. Use Diffie-Hellman group 22 (modp1024s160)</description> + <description>Use Diffie-Hellman group 22 (modp1024s160)</description> </valueHelp> <valueHelp> <format>dh-group23</format> - <description>Enable PFS. Use Diffie-Hellman group 23 (modp2048s224)</description> + <description>Use Diffie-Hellman group 23 (modp2048s224)</description> </valueHelp> <valueHelp> <format>dh-group24</format> - <description>Enable PFS. Use Diffie-Hellman group 24 (modp2048s256)</description> + <description>Use Diffie-Hellman group 24 (modp2048s256)</description> </valueHelp> <valueHelp> <format>dh-group25</format> - <description>Enable PFS. Use Diffie-Hellman group 25 (ecp192)</description> + <description>Use Diffie-Hellman group 25 (ecp192)</description> </valueHelp> <valueHelp> <format>dh-group26</format> - <description>Enable PFS. Use Diffie-Hellman group 26 (ecp224)</description> + <description>Use Diffie-Hellman group 26 (ecp224)</description> </valueHelp> <valueHelp> <format>dh-group27</format> - <description>Enable PFS. Use Diffie-Hellman group 27 (ecp224bp)</description> + <description>Use Diffie-Hellman group 27 (ecp224bp)</description> </valueHelp> <valueHelp> <format>dh-group28</format> - <description>Enable PFS. Use Diffie-Hellman group 28 (ecp256bp)</description> + <description>Use Diffie-Hellman group 28 (ecp256bp)</description> </valueHelp> <valueHelp> <format>dh-group29</format> - <description>Enable PFS. Use Diffie-Hellman group 29 (ecp384bp)</description> + <description>Use Diffie-Hellman group 29 (ecp384bp)</description> </valueHelp> <valueHelp> <format>dh-group30</format> - <description>Enable PFS. Use Diffie-Hellman group 30 (ecp512bp)</description> + <description>Use Diffie-Hellman group 30 (ecp512bp)</description> </valueHelp> <valueHelp> <format>dh-group31</format> - <description>Enable PFS. Use Diffie-Hellman group 31 (curve25519)</description> + <description>Use Diffie-Hellman group 31 (curve25519)</description> </valueHelp> <valueHelp> <format>dh-group32</format> - <description>Enable PFS. Use Diffie-Hellman group 32 (curve448)</description> + <description>Use Diffie-Hellman group 32 (curve448)</description> </valueHelp> <valueHelp> <format>disable</format> @@ -190,6 +192,7 @@ <regex>^(enable|dh-group1|dh-group2|dh-group5|dh-group14|dh-group15|dh-group16|dh-group17|dh-group18|dh-group19|dh-group20|dh-group21|dh-group22|dh-group23|dh-group24|dh-group25|dh-group26|dh-group27|dh-group28|dh-group29|dh-group30|dh-group31|dh-group32|disable)$</regex> </constraint> </properties> + <defaultValue>enable</defaultValue> </leafNode> <tagNode name="proposal"> <properties> @@ -341,6 +344,7 @@ <validator name="numeric" argument="--range 30-86400"/> </constraint> </properties> + <defaultValue>28800</defaultValue> </leafNode> <leafNode name="mobike"> <properties> @@ -708,7 +712,7 @@ </tagNode> <node name="site-to-site"> <properties> - <help>Site to site VPN</help> + <help>Site-to-site VPN</help> </properties> <children> <tagNode name="peer"> @@ -837,12 +841,7 @@ </completionHelp> </properties> </leafNode> - <leafNode name="description"> - <properties> - <help>VPN peer description</help> - <valueless/> - </properties> - </leafNode> + #include <include/generic-description.xml.i> <leafNode name="dhcp-interface"> <properties> <help>DHCP interface to listen on</help> |