diff options
| author | Robert Göhler <github@ghlr.de> | 2023-12-07 14:17:00 +0100 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-07 14:17:00 +0100 | 
| commit | 4144d78284b21ead1b596e0c0065d60f1546d7cb (patch) | |
| tree | 17f006d62494670b725ae899da24aa321bd17ff2 | |
| parent | 3c101fedf3259c737a3ba42d0704b3fa7cf54a59 (diff) | |
| parent | 1096cbcf95f96334d773ab98cce9d26d311f9e51 (diff) | |
| download | vyos-documentation-4144d78284b21ead1b596e0c0065d60f1546d7cb.tar.gz vyos-documentation-4144d78284b21ead1b596e0c0065d60f1546d7cb.zip | |
Merge pull request #1176 from aapostoliuk/T5688-circunis
accel-ppp: T5688: Changing CLI to create client address pool
| -rw-r--r-- | docs/configuration/service/pppoe-server.rst | 59 | ||||
| -rw-r--r-- | docs/configuration/vpn/l2tp.rst | 12 | ||||
| -rw-r--r-- | docs/configuration/vpn/pptp.rst | 4 | ||||
| -rw-r--r-- | docs/configuration/vpn/sstp.rst | 15 | 
4 files changed, 44 insertions, 46 deletions
| diff --git a/docs/configuration/service/pppoe-server.rst b/docs/configuration/service/pppoe-server.rst index 3a0adee7..a230d9fe 100644 --- a/docs/configuration/service/pppoe-server.rst +++ b/docs/configuration/service/pppoe-server.rst @@ -57,48 +57,35 @@ Client Address Pools  --------------------  To automatically assign the client an IP address as tunnel endpoint, a -client IP pool is needed. The source can be either RADIUS or a local -subnet or IP range definition. - -Once the local tunnel endpoint ``set service pppoe-server gateway-address -'10.1.1.2'`` has been defined, the client IP pool can be either defined -as a range or as subnet using CIDR notation. If the CIDR notation is -used, multiple subnets can be setup which are used sequentially. +client IP pool is needed. The source can be either RADIUS or a +named pool. There is possibility to create multiple named pools. +Each named pool can include only one address range. To use multiple +address ranges configure ``next-pool`` option.  **Client IP address via IP range definition** -.. cfgcmd:: set service pppoe-server client-ip-pool start <address> - -   Use this command to define the first IP address of a pool of -   addresses to be given to PPPoE clients. It must be within a /24 -   subnet. - -.. cfgcmd:: set service pppoe-server client-ip-pool stop <address> - -   Use this command to define the last IP address of a pool of -   addresses to be given to PPPoE clients. It must be within a /24 -   subnet. - -.. code-block:: none +.. cfgcmd:: set service pppoe-server client-ip-pool <POOL-NAME> range <x.x.x.x-x.x.x.x | x.x.x.x/x> -  set service pppoe-server client-ip-pool start '10.1.1.100' -  set service pppoe-server client-ip-pool stop '10.1.1.111' +   Use this command to define the IP address range to be given +   to PPPoE clients. If notation ``x.x.x.x-x.x.x.x``, +   it must be within a /24 subnet. If notation ``x.x.x.x/x`` is +   used there is possibility to set host/netmask. +.. cfgcmd:: set service pppoe-server client-ip-pool <POOL-NAME> next-pool <NEXT-POOL-NAME> -**Client IP subnets via CIDR notation** +   Use this command to define the next address pool name. -.. cfgcmd:: set service pppoe-server client-ip-pool subnet <address> +.. cfgcmd:: set service pppoe-server default-pool <POOL-NAME> -   Use this command for every pool of client IP addresses you want to -   define. The addresses of this pool will be given to PPPoE clients. -   You must use CIDR notation. +   Use this command to define default address pool name.  .. code-block:: none -  set service pppoe-server client-ip-pool subnet '10.1.1.0/24' -  set service pppoe-server client-ip-pool subnet '10.1.2.0/23' -  set service pppoe-server client-ip-pool subnet '10.1.4.0/22' +  set service pppoe-server client-ip-pool IP-POOL next-pool 'IP-POOL2' +  set service pppoe-server client-ip-pool IP-POOL range '10.0.10.5/24' +  set service pppoe-server client-ip-pool IP-POOL2 range '10.0.0.10-10.0.0.12' +  set service pppoe-server default-pool 'IP-POOL'  **RADIUS based IP pools (Framed-IP-Address)** @@ -213,8 +200,8 @@ For Local Users    set service pppoe-server authentication local-users username foo rate-limit download '20480'    set service pppoe-server authentication local-users username foo rate-limit upload '10240'    set service pppoe-server authentication mode 'local' -  set service pppoe-server client-ip-pool start '10.1.1.100' -  set service pppoe-server client-ip-pool stop '10.1.1.111' +  set service pppoe-server client-ip-pool IP-POOL range '10.1.1.100/24' +  set service pppoe-server default-pool 'IP-POOL'    set service pppoe-server name-server '10.100.100.1'    set service pppoe-server name-server '10.100.200.1'    set service pppoe-server interface 'eth1' @@ -367,8 +354,8 @@ address from the pool 10.1.1.100-111, terminates at the local endpoint    set service pppoe-server access-concentrator 'ACN'    set service pppoe-server authentication local-users username foo password 'bar'    set service pppoe-server authentication mode 'local' -  set service pppoe-server client-ip-pool start '10.1.1.100' -  set service pppoe-server client-ip-pool stop '10.1.1.111' +  set service pppoe-server client-ip-pool IP-POOL range '10.1.1.100-10.1.1.111' +  set service pppoe-server default-pool 'IP-POOL'    set service pppoe-server interface eth1    set service pppoe-server gateway-address '10.1.1.2'    set service pppoe-server name-server '10.100.100.1' @@ -385,8 +372,8 @@ The example below covers a dual-stack configuration via pppoe-server.    set service pppoe-server authentication local-users username test password 'test'    set service pppoe-server authentication mode 'local' -  set service pppoe-server client-ip-pool start '192.168.0.1' -  set service pppoe-server client-ip-pool stop '192.168.0.10' +  set service pppoe-server client-ip-pool IP-POOL range '192.168.0.1/24' +  set service pppoe-server default-pool 'IP-POOL'    set service pppoe-server client-ipv6-pool delegate '2001:db8:8003::/48' delegation-prefix '56'    set service pppoe-server client-ipv6-pool prefix '2001:db8:8002::/48' mask '64'    set service pppoe-server ppp-options ipv6 allow diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst index 26de47b3..4a7657e7 100644 --- a/docs/configuration/vpn/l2tp.rst +++ b/docs/configuration/vpn/l2tp.rst @@ -17,8 +17,8 @@ with native Windows and Mac VPN clients):    set vpn ipsec interface eth0    set vpn l2tp remote-access outside-address 192.0.2.2 -  set vpn l2tp remote-access client-ip-pool start 192.168.255.2 -  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 +  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254 +  set vpn l2tp remote-access default-pool 'L2TP-POOL'    set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret    set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret <secret>    set vpn l2tp remote-access authentication mode local @@ -95,8 +95,8 @@ Below is an example to configure a LNS:  .. code-block:: none    set vpn l2tp remote-access outside-address 192.0.2.2 -  set vpn l2tp remote-access client-ip-pool start 192.168.255.2 -  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 +  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254 +  set vpn l2tp remote-access default-pool 'L2TP-POOL'    set vpn l2tp remote-access lns shared-secret 'secret'    set vpn l2tp remote-access ccp-disable    set vpn l2tp remote-access authentication mode local @@ -122,8 +122,8 @@ The rate-limit is set in kbit/sec.  .. code-block:: none    set vpn l2tp remote-access outside-address 192.0.2.2 -  set vpn l2tp remote-access client-ip-pool start 192.168.255.2 -  set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 +  set vpn l2tp remote-access client-ip-pool L2TP-POOL range 192.168.255.2-192.168.255.254 +  set vpn l2tp remote-access default-pool 'L2TP-POOL'    set vpn l2tp remote-access authentication mode local    set vpn l2tp remote-access authentication local-users username test password test    set vpn l2tp remote-access authentication local-users username test rate-limit download 20480 diff --git a/docs/configuration/vpn/pptp.rst b/docs/configuration/vpn/pptp.rst index 12364acb..fe536eec 100644 --- a/docs/configuration/vpn/pptp.rst +++ b/docs/configuration/vpn/pptp.rst @@ -20,8 +20,8 @@ server example    set vpn pptp remote-access authentication local-users username test password 'test'    set vpn pptp remote-access authentication mode 'local' -  set vpn pptp remote-access client-ip-pool start '192.168.0.10' -  set vpn pptp remote-access client-ip-pool stop '192.168.0.15' +  set vpn pptp remote-access client-ip-pool PPTP-POOL range 192.168.0.10-192.168.0.15 +  set vpn pptp remote-access default-pool 'PPTP-POOL'    set vpn pptp remote-access gateway-address '10.100.100.1'    set vpn pptp remote-access outside-address '10.1.1.120' diff --git a/docs/configuration/vpn/sstp.rst b/docs/configuration/vpn/sstp.rst index f3e062fe..fa2b96c8 100644 --- a/docs/configuration/vpn/sstp.rst +++ b/docs/configuration/vpn/sstp.rst @@ -116,9 +116,20 @@ Configuration    Specifies the port `<port>` that the SSTP port will listen on (default 443). -.. cfgcmd:: set vpn sstp client-ip-pool subnet <subnet> +.. cfgcmd:: set vpn sstp client-ip-pool <POOL-NAME> range <x.x.x.x-x.x.x.x | x.x.x.x/x> -  Use `<subnet>` as the IP pool for all connecting clients. +   Use this command to define the first IP address of a pool of +   addresses to be given to SSTP clients. If notation ``x.x.x.x-x.x.x.x``, +   it must be within a /24 subnet. If notation ``x.x.x.x/x`` is +   used there is possibility to set host/netmask. + +.. cfgcmd:: set vpn sstp client-ip-pool <POOL-NAME> next-pool <NEXT-POOL-NAME> + +   Use this command to define the next address pool name. + +.. cfgcmd:: set vpn sstp default-pool <POOL-NAME> + +   Use this command to define default address pool name.  .. cfgcmd:: set vpn sstp client-ipv6-pool prefix <address> mask <number-of-bits> | 
