diff options
| -rw-r--r-- | data/templates/ipsec/charon/dhcp.conf.tmpl | 10 | ||||
| -rw-r--r-- | interface-definitions/vpn_ipsec.xml.in | 61 | ||||
| -rwxr-xr-x | src/conf_mode/vpn_ipsec.py | 2 |
3 files changed, 33 insertions, 40 deletions
diff --git a/data/templates/ipsec/charon/dhcp.conf.tmpl b/data/templates/ipsec/charon/dhcp.conf.tmpl index 96dfd7633..92774b275 100644 --- a/data/templates/ipsec/charon/dhcp.conf.tmpl +++ b/data/templates/ipsec/charon/dhcp.conf.tmpl @@ -1,11 +1,11 @@ dhcp { load = yes -{% if options is defined and options.remote_access is defined and options.remote_access.dhcp is defined %} -{% if options.remote_access.dhcp.interface is defined %} - interface = {{ options.remote_access.dhcp.interface }} +{% if remote_access is defined and remote_access.dhcp is defined %} +{% if remote_access.dhcp.interface is defined %} + interface = {{ remote_access.dhcp.interface }} {% endif %} -{% if options.remote_access.dhcp.server is defined %} - server = {{ options.remote_access.dhcp.server }} +{% if remote_access.dhcp.server is defined %} + server = {{ remote_access.dhcp.server }} {% endif %} {% endif %} diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index 4cd1936a2..858adb13a 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -630,40 +630,6 @@ <valueless/> </properties> </leafNode> - <node name="remote-access"> - <properties> - <help>remote-access global options</help> - </properties> - <children> - <node name="dhcp"> - <properties> - <help>DHCP pool options for remote-access</help> - </properties> - <children> - <leafNode name="interface"> - <properties> - <help>Interface with DHCP server to use</help> - <completionHelp> - <script>${vyos_completion_dir}/list_interfaces.py</script> - </completionHelp> - </properties> - </leafNode> - <leafNode name="server"> - <properties> - <help>DHCP server address</help> - <valueHelp> - <format>ipv4</format> - <description>DHCP server IPv4 address</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - </children> - </node> </children> </node> <tagNode name="profile"> @@ -835,6 +801,33 @@ </leafNode> </children> </tagNode> + <node name="dhcp"> + <properties> + <help>DHCP pool options for remote-access</help> + </properties> + <children> + <leafNode name="interface"> + <properties> + <help>Interface with DHCP server to use</help> + <completionHelp> + <script>${vyos_completion_dir}/list_interfaces.py</script> + </completionHelp> + </properties> + </leafNode> + <leafNode name="server"> + <properties> + <help>DHCP server address</help> + <valueHelp> + <format>ipv4</format> + <description>DHCP server IPv4 address</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + </constraint> + </properties> + </leafNode> + </children> + </node> <tagNode name="pool"> <properties> <help>IP address pool for remote-access users</help> diff --git a/src/conf_mode/vpn_ipsec.py b/src/conf_mode/vpn_ipsec.py index f1c6b216b..123380827 100755 --- a/src/conf_mode/vpn_ipsec.py +++ b/src/conf_mode/vpn_ipsec.py @@ -269,7 +269,7 @@ def verify(ipsec): for pool in ra_conf['pool']: if pool == 'dhcp': - if dict_search('options.remote_access.dhcp.server', ipsec) == None: + if dict_search('remote_access.dhcp.server', ipsec) == None: raise ConfigError('IPSec DHCP server is not configured!') elif 'pool' not in ipsec['remote_access'] or pool not in ipsec['remote_access']['pool']: |