summaryrefslogtreecommitdiff
path: root/interface-definitions/vpn_openconnect.xml.in
AgeCommit message (Collapse)Author
2022-04-09ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-03-31Merge branch 'vyos:current' into ocserv_local_otpgoodNETnick
2022-03-16ocserv: T4231: Added OTP support for Openconnect 2FAgoodNETnick
2022-02-28open-connect: T4274: extend RADIUS authentication timeoutRageLtMan
RADIUS authentication can be handled by a variety of mechanisms, including proxy for 2FA systems requiring user interaction with a separate device, token acquisition, or other time-consuming action. Given the delays required for certain 2FA implementations, a thirty second timeout can range from onerous to untenable. Accomodate the 2FA time requirements by extending the hard-coded RADIUS time limit from 30 seconds to 240. Co-authored-by: RageLtMan <rageltman [at] sempervictus>
2022-02-24scripts: T4269: node.def generator should automatically add default valuesChristian Poessinger
Since introducing the XML <defaultValue> node it was common, but redundant, practice to also add a help string indicating which value would be used as default if the node is unset. This makes no sense b/c it's duplicated code/value/characters and prone to error. The node.def scripts should be extended to automatically render the appropriate default value into the CLI help string. For e.g. SSH the current PoC renders: $ cat templates-cfg/service/ssh/port/node.def multi: type: txt help: Port for SSH service (default: 22) val_help: u32:1-65535; Numeric IP port ... Not all subsystems are already migrated to get_config_dict() and make use of the defaults() call - those subsystems need to be migrated, first before the new default is added to the CLI help.
2021-09-18dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6.
2021-07-22xml: add building block for "local-users"Christian Poessinger
2021-07-20pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configurationsarthurdev
2021-04-20xml: T3488: when using regex one must use ^ and $ when checking string literalsChristian Poessinger
2021-03-14xml: accel-ppp: move building blocks to subfolderChristian Poessinger
As the amount of include files now has reached a certain amount, it is getting more and more crowsded, thuse introducing "per topic" subdirectories on the filesystem to keep a clean structure makes sense.
2021-01-07xml: include: provide generic include for disable nodeChristian Poessinger
2021-01-07xml: radius: T3192: split individual nodes to discrete includesChristian Poessinger
Provide more re-usable nodes for future implementations.
2020-12-29xml: T1466: provide common includes for SSL certificate CLI nodesChristian Poessinger
Gather all SSL certificate, ca and key nodes into a single representation of XML which can be #included into the XML definitions of the CLI interface to be rendered.
2020-12-27xml: fix valueHelp format stringsChristian Poessinger
A pre-defined list of common format strings to be used inside the <format> node of <valueHelp> is available from [1]. Adjust all currently in use <format> nodes to re-use the predefined strings over writing them on their own by even encapsulating the <> signs as &lt; and &gt;. [1]: https://github.com/vyos/vyatta-cfg/blob/5aec1a0429f2f/etc/bash_completion.d/vyatta-cfg#L515-L566
2020-10-06openconnect: T2036: reuse accel-name-server.xml.iChristian Poessinger
2020-09-09openconnect: T2036: Move CLI commands under vpn openconnectDmitriyEshenko