authorViacheslav Hletenko <v.gletenko@vyos.io>2023-01-30 10:56:38 +0200
committerGitHub <noreply@github.com>2023-01-30 10:56:38 +0200
commit3c750f9b12b54d872848f6571deb02245ba8e28a (patch)
treee23d8bac780a9787c5763b8618fa7591a8fe8270 /interface-definitions
parent6eea12512e59cc28f5c2e5ca5ec7e9e7b21731da (diff)
parent7ae0b404ad9fdefa856c7e450b224b47d854a4eb (diff)
Merge pull request #1761 from sever-sever/T4916-curr
T4916: Rewrite IPsec peer authentication and psk migration
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/dhcp-interface-multi.xml.i18
-rw-r--r--interface-definitions/include/version/ipsec-version.xml.i2
-rw-r--r--interface-definitions/vpn-ipsec.xml.in35
3 files changed, 53 insertions, 2 deletions
diff --git a/interface-definitions/include/dhcp-interface-multi.xml.i b/interface-definitions/include/dhcp-interface-multi.xml.i
new file mode 100644
index 000000000..c74751a19
--- /dev/null
+++ b/interface-definitions/include/dhcp-interface-multi.xml.i
@@ -0,0 +1,18 @@
+<!-- include start from dhcp-interface-multi.xml.i -->
+<leafNode name="dhcp-interface">
+ <properties>
+ <help>DHCP interface supplying next-hop IP address</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <valueHelp>
+ <format>txt</format>
+ <description>DHCP interface name</description>
+ </valueHelp>
+ <constraint>
+ #include <include/constraint/interface-name.xml.in>
+ </constraint>
+ <multi/>
+ </properties>
+</leafNode>
+<!-- include end -->
\ No newline at end of file
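Review bot: The `<help>` text "DHCP interface supplying next-hop IP address" does not match the only place this new include is consumed in the commit, `vpn ipsec authentication psk` in vpn-ipsec.xml.in, where the interface presumably ties the key to a dynamically addressed local endpoint rather than to a route next hop. A misleading help string on an authentication node makes it easier to bind a pre-shared key to the wrong interface, so wording that is neutral about the consumer would be safer, e.g. `<help>DHCP interface to take the IP address from</help>`. The file also ends without a trailing newline; since it is spliced into other definitions via `#include`, ending it with a newline avoids the closing comment running into whatever follows.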
diff --git a/interface-definitions/include/version/ipsec-version.xml.i b/interface-definitions/include/version/ipsec-version.xml.i
index 1c978e8e6..8d019b466 100644
--- a/interface-definitions/include/version/ipsec-version.xml.i
+++ b/interface-definitions/include/version/ipsec-version.xml.i
@@ -1,3 +1,3 @@
<!-- include start from include/version/ipsec-version.xml.i -->
-<syntaxVersion component='ipsec' version='10'></syntaxVersion>
+<syntaxVersion component='ipsec' version='11'></syntaxVersion>
<!-- include end -->
diff --git a/interface-definitions/vpn-ipsec.xml.in b/interface-definitions/vpn-ipsec.xml.in
index 4bb9ad145..9d20926ec 100644
--- a/interface-definitions/vpn-ipsec.xml.in
+++ b/interface-definitions/vpn-ipsec.xml.in
@@ -11,6 +11,40 @@
<priority>901</priority>
</properties>
<children>
+ <node name="authentication">
+ <properties>
+ <help>Authentication</help>
+ </properties>
+ <children>
+ <tagNode name="psk">
+ <properties>
+ <help>Pre-shared key name</help>
+ </properties>
+ <children>
+ #include <include/dhcp-interface-multi.xml.i>
+ <leafNode name="id">
+ <properties>
+ <help>ID for authentication</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>ID used for authentication</description>
+ </valueHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ <leafNode name="secret">
+ <properties>
+ <help>IKE pre-shared secret key</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>IKE pre-shared secret key</description>
+ </valueHelp>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<leafNode name="disable-uniqreqids">
<properties>
<help>Disable requirement for unique IDs in the Security Database</help>
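Review bot: The new `secret` leaf under `authentication psk` has no `<constraint>`, so any string is accepted as an IKE pre-shared key, including a very short one or one containing quotes or whitespace that the generated IPsec configuration may not escape (the template is not visible here). Rejecting such values at commit time would be cheap, for example `<constraint><regex>[^\s"']{8,}</regex></constraint>` plus a `<constraintErrorMessage>`; the pattern is a constructed sample and should be aligned with what the template quotes and with keys carried over by the migration. The `id` leaf and the `psk` tag name are unconstrained in the same way. The enclosing `<children>` element opens before this hunk and continues past it.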
@@ -987,7 +1021,6 @@
</constraint>
</properties>
</leafNode>
- #include <include/ipsec/authentication-pre-shared-secret.xml.i>
<leafNode name="remote-id">
<properties>
<help>ID for remote authentication</help>