diff options
author | Lucas Christian <lucas@lucasec.com> | 2023-12-28 22:26:56 -0800 |
---|---|---|
committer | Lucas Christian <lucas@lucasec.com> | 2024-07-22 10:57:45 -0700 |
commit | 4d2c89dcd50d3c158dc76ac5ab843dd66105bc02 (patch) | |
tree | 89d8e422877570c818ab49ae9f0f17ef9492bb1b /interface-definitions | |
parent | e64322c2171a63d5fe52a431b948727d1df27d9c (diff) | |
download | vyos-1x-4d2c89dcd50d3c158dc76ac5ab843dd66105bc02.tar.gz vyos-1x-4d2c89dcd50d3c158dc76ac5ab843dd66105bc02.zip |
T5873: vpn ipsec remote-access: support VTI interfaces
Diffstat (limited to 'interface-definitions')
-rw-r--r-- | interface-definitions/include/ipsec/bind.xml.i | 10 | ||||
-rw-r--r-- | interface-definitions/vpn_ipsec.xml.in | 49 |
2 files changed, 51 insertions, 8 deletions
diff --git a/interface-definitions/include/ipsec/bind.xml.i b/interface-definitions/include/ipsec/bind.xml.i new file mode 100644 index 000000000..edc46d403 --- /dev/null +++ b/interface-definitions/include/ipsec/bind.xml.i @@ -0,0 +1,10 @@ +<!-- include start from ipsec/bind.xml.i --> +<leafNode name="bind"> + <properties> + <help>VTI tunnel interface associated with this configuration</help> + <completionHelp> + <path>interfaces vti</path> + </completionHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 4a7fde75b..d9d6fd93b 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -854,6 +854,7 @@ #include <include/dhcp-interface.xml.i> #include <include/ipsec/local-traffic-selector.xml.i> #include <include/ipsec/replay-window.xml.i> + #include <include/ipsec/bind.xml.i> <leafNode name="timeout"> <properties> <help>Timeout to close connection if no data is transmitted</help> @@ -978,6 +979,45 @@ </constraint> </properties> </leafNode> + <node name="range"> + <properties> + <help>Local IPv4 or IPv6 pool range</help> + </properties> + <children> + <leafNode name="start"> + <properties> + <help>First IP address for local pool range</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 start address of pool</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 start address of pool</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="stop"> + <properties> + <help>Last IP address for local pool range</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 end address of pool</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 end address of pool</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> + </properties> + </leafNode> + </children> + </node> #include <include/name-server-ipv4-ipv6.xml.i> </children> </tagNode> @@ -1201,14 +1241,7 @@ <help>Virtual tunnel interface</help> </properties> <children> - <leafNode name="bind"> - <properties> - <help>VTI tunnel interface associated with this configuration</help> - <completionHelp> - <path>interfaces vti</path> - </completionHelp> - </properties> - </leafNode> + #include <include/ipsec/bind.xml.i> #include <include/ipsec/esp-group.xml.i> </children> </node> |