From 79f1c891f3ae72fae3028f114e652225a082d9ef Mon Sep 17 00:00:00 2001 From: sarthurdev <965089+sarthurdev@users.noreply.github.com> Date: Sun, 4 Jul 2021 17:17:54 +0200 Subject: ipsec: T1210: T1251: extend ra config with address pools/traffic selectors --- interface-definitions/vpn_ipsec.xml.in | 126 +++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+) (limited to 'interface-definitions') diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in index ef3b05e29..a9444ecc5 100644 --- a/interface-definitions/vpn_ipsec.xml.in +++ b/interface-definitions/vpn_ipsec.xml.in @@ -743,6 +743,132 @@ #include #include #include + + + IPv4 or IPv6 address of a local interface to use for VPN + + any + + + ipv4 + IPv4 address of a local interface for VPN + + + ipv6 + IPv6 address of a local interface for VPN + + + any + Allow any IPv4 address present on the system to be used for VPN + + + + + ^(any)$ + + + + + + Local traffic selectors + + + + + Any TCP or UDP port + + port name + Named port (any name in /etc/services, e.g., http) + + + u32:1-65535 + Numbered port + + + + + + Local IPv4 or IPv6 prefix + + ipv4 + Local IPv4 prefix + + + ipv6 + Local IPv6 prefix + + + + + + + + + + + + + IP address pool for remote-access users + + + + + Local IPv4 or IPv6 pool prefix exclusions + + ipv4 + Local IPv4 pool prefix exclusion + + + ipv6 + Local IPv6 pool prefix exclusion + + + + + + + + + + + Local IPv4 or IPv6 pool prefix + + ipv4 + Local IPv4 pool prefix + + + ipv6 + Local IPv6 pool prefix + + + + + + + + + + IPv4 or IPv6 DNS addresses for pool + + any + + + ipv4 + IPv4 DNS address for pool + + + ipv6 + IPv6 DNS address for pool + + + + + + + + + + Timeout to close connection if no data is transmitted -- cgit v1.2.3