diff options
author | mkorobeinikov <92354771+mkorobeinikov@users.noreply.github.com> | 2022-02-23 10:49:37 +1000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-23 10:49:37 +1000 |
commit | ea485aede16c5f8830a7e74449f5be566de9c79b (patch) | |
tree | e3e07ac3d7f2a45196f09b82ae52a1c67ab7b0e8 | |
parent | 5d3bffe651678e9fcbf2dad90cea7e66a110ce53 (diff) | |
download | vyos-documentation-ea485aede16c5f8830a7e74449f5be566de9c79b.tar.gz vyos-documentation-ea485aede16c5f8830a7e74449f5be566de9c79b.zip |
Add cisco_flexvpn and install_virtualip_on options
Ability to set Cisco FlexVPN vendor ID payload:
charon.cisco_flexvpn = yes
charon.install_virtual_ip_on = tunX
swanctl.connections.<conn>.vips = x.x.x.x, z.z.z.z
-rw-r--r-- | docs/configuration/vpn/ipsec.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index e079474f..7ccdb845 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -162,7 +162,20 @@ VyOS ESP group has the next options: * ``encryption`` encryption algorithm (default 128 bit AES-CBC); * ``hash`` hash algorithm (default sha1). + +*********************************************** +Options (Global IPsec settings) Attributes +*********************************************** +* ``options`` IPsec settings: + * ``disable-route-autoinstall`` Do not automatically install routes to remote networks; + + * ``flexvpn`` Allow FlexVPN vendor ID payload (IKEv2 only); + + * ``interface`` Interface Name to use; + + * ``virtual-ip`` Allow install virtual-ip addresses. + ************************* IPsec policy matching GRE ************************* |