summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorLucas Christian <lucas@lucasec.com>2023-12-28 22:26:56 -0800
committerLucas Christian <lucas@lucasec.com>2024-07-22 10:57:45 -0700
commit4d2c89dcd50d3c158dc76ac5ab843dd66105bc02 (patch)
tree89d8e422877570c818ab49ae9f0f17ef9492bb1b /interface-definitions
parente64322c2171a63d5fe52a431b948727d1df27d9c (diff)
downloadvyos-1x-4d2c89dcd50d3c158dc76ac5ab843dd66105bc02.tar.gz
vyos-1x-4d2c89dcd50d3c158dc76ac5ab843dd66105bc02.zip
T5873: vpn ipsec remote-access: support VTI interfaces
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/ipsec/bind.xml.i10
-rw-r--r--interface-definitions/vpn_ipsec.xml.in49
2 files changed, 51 insertions, 8 deletions
diff --git a/interface-definitions/include/ipsec/bind.xml.i b/interface-definitions/include/ipsec/bind.xml.i
new file mode 100644
index 000000000..edc46d403
--- /dev/null
+++ b/interface-definitions/include/ipsec/bind.xml.i
@@ -0,0 +1,10 @@
+<!-- include start from ipsec/bind.xml.i -->
+<leafNode name="bind">
+ <properties>
+ <help>VTI tunnel interface associated with this configuration</help>
+ <completionHelp>
+ <path>interfaces vti</path>
+ </completionHelp>
+ </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 4a7fde75b..d9d6fd93b 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -854,6 +854,7 @@
#include <include/dhcp-interface.xml.i>
#include <include/ipsec/local-traffic-selector.xml.i>
#include <include/ipsec/replay-window.xml.i>
+ #include <include/ipsec/bind.xml.i>
<leafNode name="timeout">
<properties>
<help>Timeout to close connection if no data is transmitted</help>
@@ -978,6 +979,45 @@
</constraint>
</properties>
</leafNode>
+ <node name="range">
+ <properties>
+ <help>Local IPv4 or IPv6 pool range</help>
+ </properties>
+ <children>
+ <leafNode name="start">
+ <properties>
+ <help>First IP address for local pool range</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 start address of pool</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 start address of pool</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="stop">
+ <properties>
+ <help>Last IP address for local pool range</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>IPv4 end address of pool</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>IPv6 end address of pool</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ip-address"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
#include <include/name-server-ipv4-ipv6.xml.i>
</children>
</tagNode>
@@ -1201,14 +1241,7 @@
<help>Virtual tunnel interface</help>
</properties>
<children>
- <leafNode name="bind">
- <properties>
- <help>VTI tunnel interface associated with this configuration</help>
- <completionHelp>
- <path>interfaces vti</path>
- </completionHelp>
- </properties>
- </leafNode>
+ #include <include/ipsec/bind.xml.i>
#include <include/ipsec/esp-group.xml.i>
</children>
</node>