diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-08-01 13:08:36 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-08-01 13:08:36 +0200 |
| commit | 962ead698e191ff413aaa1585270dfed48100547 (patch) | |
| tree | d0aefbaeaf2b5d1716dd578060a93eb07618972a /interface-definitions | |
| parent | b12cd41000bf64950582dc62538be609741aac54 (diff) | |
| parent | 50cf1746d3ab5e3666a3e502c67d7d853ae7f932 (diff) | |
| download | vyos-1x-962ead698e191ff413aaa1585270dfed48100547.tar.gz vyos-1x-962ead698e191ff413aaa1585270dfed48100547.zip | |
Merge pull request #3221 from lucasec/t5873
T5873: ipsec remote access VPN: support VTI interfaces.
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/include/ipsec/bind.xml.i | 10 | ||||
| -rw-r--r-- | interface-definitions/vpn_ipsec.xml.in | 49 |
2 files changed, 51 insertions, 8 deletions
diff --git a/interface-definitions/include/ipsec/bind.xml.i b/interface-definitions/include/ipsec/bind.xml.i new file mode 100644 index 000000000..edc46d403 --- /dev/null +++ b/interface-definitions/include/ipsec/bind.xml.i @@ -0,0 +1,10 @@ +<!-- include start from ipsec/bind.xml.i --> +<leafNode name="bind"> + <properties> + <help>VTI tunnel interface associated with this configuration</help> + <completionHelp> + <path>interfaces vti</path> + </completionHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 4a7fde75b..d9d6fd93b 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -854,6 +854,7 @@ #include <include/dhcp-interface.xml.i> #include <include/ipsec/local-traffic-selector.xml.i> #include <include/ipsec/replay-window.xml.i> + #include <include/ipsec/bind.xml.i> <leafNode name="timeout"> <properties> <help>Timeout to close connection if no data is transmitted</help> @@ -978,6 +979,45 @@ </constraint> </properties> </leafNode> + <node name="range"> + <properties> + <help>Local IPv4 or IPv6 pool range</help> + </properties> + <children> + <leafNode name="start"> + <properties> + <help>First IP address for local pool range</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 start address of pool</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 start address of pool</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> + </properties> + </leafNode> + <leafNode name="stop"> + <properties> + <help>Last IP address for local pool range</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 end address of pool</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 end address of pool</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + </constraint> + </properties> + </leafNode> + </children> + </node> #include <include/name-server-ipv4-ipv6.xml.i> </children> </tagNode> @@ -1201,14 +1241,7 @@ <help>Virtual tunnel interface</help> </properties> <children> - <leafNode name="bind"> - <properties> - <help>VTI tunnel interface associated with this configuration</help> - <completionHelp> - <path>interfaces vti</path> - </completionHelp> - </properties> - </leafNode> + #include <include/ipsec/bind.xml.i> #include <include/ipsec/esp-group.xml.i> </children> </node> |