summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.i>2022-02-17 21:18:37 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2022-02-19 16:50:29 +0000
commitf6c2b5e4762e7713c5868bebf8e482ce732e3302 (patch)
treec8a10bd3d5ffc6970d548eec98ddc3feb18c4fd6 /interface-definitions
parente66879f71da3383a84ebfe6235795e718c32bdb9 (diff)
downloadvyos-1x-f6c2b5e4762e7713c5868bebf8e482ce732e3302.tar.gz
vyos-1x-f6c2b5e4762e7713c5868bebf8e482ce732e3302.zip
vpn: T4254: Add cisco_flexvpn and install_virtual_ip_on options
Ability to set Cisco FlexVPN vendor ID payload: charon.cisco_flexvpn charon.install_virtual_ip_on swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z set vpn ipsec options flexvpn set vpn ipsec options virtual-ip set vpn ipsec options interface tunX set vpn ipsec site-to-site peer x.x.x.x virtual-address x.x.x.x
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/vpn_ipsec.xml.in27
1 files changed, 27 insertions, 0 deletions
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index afa3d52a0..f7297a6e2 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -622,6 +622,19 @@
<valueless/>
</properties>
</leafNode>
+ <leafNode name="flexvpn">
+ <properties>
+ <help>Allow FlexVPN vendor ID payload (IKEv2 only)</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ #include <include/generic-interface.xml.i>
+ <leafNode name="virtual-ip">
+ <properties>
+ <help>Allow install virtual-ip addresses</help>
+ <valueless/>
+ </properties>
+ </leafNode>
</children>
</node>
<tagNode name="profile">
@@ -1087,6 +1100,20 @@
</node>
</children>
</tagNode>
+ <leafNode name="virtual-address">
+ <properties>
+ <help>Initiator request virtual-address from peer</help>
+ <valueHelp>
+ <format>ipv4</format>
+ <description>Request IPv4 address from peer</description>
+ </valueHelp>
+ <valueHelp>
+ <format>ipv6</format>
+ <description>Request IPv6 address from peer</description>
+ </valueHelp>
+ <multi/>
+ </properties>
+ </leafNode>
<node name="vti">
<properties>
<help>Virtual tunnel interface [REQUIRED]</help>