diff options
| author | Daniil Baturin <daniil@vyos.io> | 2022-09-08 12:09:47 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-08 12:09:47 +0100 |
| commit | adbffa6d475a7ebf6972468ad6f86df90520aa65 (patch) | |
| tree | 428ba2e1a5fa8b34971cceb9f8391c1ac0d5d444 /docs/configuration | |
| parent | 86f8017a80b1159ff13303615a03a787d97bfdd7 (diff) | |
| parent | da88a7dadcb1be9c6c9145b1376f1a9f2cb855f2 (diff) | |
| download | vyos-documentation-adbffa6d475a7ebf6972468ad6f86df90520aa65.tar.gz vyos-documentation-adbffa6d475a7ebf6972468ad6f86df90520aa65.zip | |
Merge pull request #849 from srividya0208/ipsec-interfaces
ipsec-interface: syntax correction
Diffstat (limited to 'docs/configuration')
| -rw-r--r-- | docs/configuration/interfaces/l2tpv3.rst | 2 | ||||
| -rw-r--r-- | docs/configuration/loadbalancing/index.rst | 2 | ||||
| -rw-r--r-- | docs/configuration/nat/nat44.rst | 2 | ||||
| -rw-r--r-- | docs/configuration/system/acceleration.rst | 6 | ||||
| -rw-r--r-- | docs/configuration/vpn/dmvpn.rst | 4 | ||||
| -rw-r--r-- | docs/configuration/vpn/ipsec.rst | 2 | ||||
| -rw-r--r-- | docs/configuration/vpn/l2tp.rst | 4 | ||||
| -rw-r--r-- | docs/configuration/vpn/site2site_ipsec.rst | 8 |
8 files changed, 15 insertions, 15 deletions
diff --git a/docs/configuration/interfaces/l2tpv3.rst b/docs/configuration/interfaces/l2tpv3.rst index ca0ce2c9..191158b7 100644 --- a/docs/configuration/interfaces/l2tpv3.rst +++ b/docs/configuration/interfaces/l2tpv3.rst @@ -141,7 +141,7 @@ IPSec: .. code-block:: none - set vpn ipsec ipsec-interfaces <VPN-interface> + set vpn ipsec interface <VPN-interface> set vpn ipsec esp-group test-ESP-1 compression 'disable' set vpn ipsec esp-group test-ESP-1 lifetime '3600' set vpn ipsec esp-group test-ESP-1 mode 'transport' diff --git a/docs/configuration/loadbalancing/index.rst b/docs/configuration/loadbalancing/index.rst index 36a69f89..5034547b 100644 --- a/docs/configuration/loadbalancing/index.rst +++ b/docs/configuration/loadbalancing/index.rst @@ -13,7 +13,7 @@ the routing table and balances traffic across the configured interfaces, determined by interface health and weight. -In a minimal, configuration the following must be provided: +In a minimal configuration, the following must be provided: * an interface with a nexthop * one rule with a LAN (inbound-interface) and the WAN (interface). diff --git a/docs/configuration/nat/nat44.rst b/docs/configuration/nat/nat44.rst index 02aa4ece..62964fea 100644 --- a/docs/configuration/nat/nat44.rst +++ b/docs/configuration/nat/nat44.rst @@ -684,7 +684,7 @@ external interface in the image above) set vpn ipsec esp-group my-esp proposal 1 encryption 'aes256' set vpn ipsec esp-group my-esp proposal 1 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth1' + set vpn ipsec interface 'eth1' IPSec VPN Tunnels """"""""""""""""" diff --git a/docs/configuration/system/acceleration.rst b/docs/configuration/system/acceleration.rst index 4c595022..62b85c71 100644 --- a/docs/configuration/system/acceleration.rst +++ b/docs/configuration/system/acceleration.rst @@ -69,7 +69,7 @@ Side A: set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '14' set vpn ipsec ike-group MyIKEGroup proposal 1 encryption 'aes256' set vpn ipsec ike-group MyIKEGroup proposal 1 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec site-to-site peer 10.10.10.1 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 10.10.10.1 authentication pre-shared-secret 'Qwerty123' set vpn ipsec site-to-site peer 10.10.10.1 connection-type 'initiate' @@ -88,7 +88,7 @@ Side B: set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '14' set vpn ipsec ike-group MyIKEGroup proposal 1 encryption 'aes256' set vpn ipsec ike-group MyIKEGroup proposal 1 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec site-to-site peer 10.10.10.2 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 10.10.10.2 authentication pre-shared-secret 'Qwerty123' set vpn ipsec site-to-site peer 10.10.10.2 connection-type 'initiate' @@ -143,4 +143,4 @@ increases. [ 9] 0.00-10.01 sec 925 MBytes 775 Mbits/sec receiver -.. _`IntelĀ® QAT`: https://www.intel.com/content/www/us/en/architecture-and-technology/intel-quick-assist-technology-overview.html
\ No newline at end of file +.. _`IntelĀ® QAT`: https://www.intel.com/content/www/us/en/architecture-and-technology/intel-quick-assist-technology-overview.html diff --git a/docs/configuration/vpn/dmvpn.rst b/docs/configuration/vpn/dmvpn.rst index 50563e8b..66fc79da 100644 --- a/docs/configuration/vpn/dmvpn.rst +++ b/docs/configuration/vpn/dmvpn.rst @@ -218,7 +218,7 @@ Hub set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128' set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret' set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret' @@ -328,7 +328,7 @@ VyOS can also run in DMVPN spoke mode. set vpn ipsec ike-group IKE-HUB proposal 2 encryption 'aes128' set vpn ipsec ike-group IKE-HUB proposal 2 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth0' + set vpn ipsec interface 'eth0' set vpn ipsec profile NHRPVPN authentication mode 'pre-shared-secret' set vpn ipsec profile NHRPVPN authentication pre-shared-secret 'secret' diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index 693f3ec6..d1ea7bbc 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -198,7 +198,7 @@ On the LEFT: set interfaces tunnel tun0 address 10.10.10.1/30 ## IPsec - set vpn ipsec ipsec-interfaces interface eth0 + set vpn ipsec interface eth0 # IKE group set vpn ipsec ike-group MyIKEGroup proposal 1 dh-group '2' diff --git a/docs/configuration/vpn/l2tp.rst b/docs/configuration/vpn/l2tp.rst index 411b7b5e..8dc34ee4 100644 --- a/docs/configuration/vpn/l2tp.rst +++ b/docs/configuration/vpn/l2tp.rst @@ -14,7 +14,7 @@ with native Windows and Mac VPN clients): .. code-block:: none - set vpn ipsec ipsec-interfaces interface eth0 + set vpn ipsec interface eth0 set vpn l2tp remote-access outside-address 192.0.2.2 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 @@ -24,7 +24,7 @@ with native Windows and Mac VPN clients): set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -In the example above an external IP of 192.0.2.2 is assumed. +In the above example, an external IP of 192.0.2.2 is assumed. If a local firewall policy is in place on your external interface you will need to allow the ports below: diff --git a/docs/configuration/vpn/site2site_ipsec.rst b/docs/configuration/vpn/site2site_ipsec.rst index 2fa59dc1..fdcd3385 100644 --- a/docs/configuration/vpn/site2site_ipsec.rst +++ b/docs/configuration/vpn/site2site_ipsec.rst @@ -181,7 +181,7 @@ Example: set vpn ipsec ike-group office-srv-ike lifetime '3600' set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256' set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth1' + set vpn ipsec interface 'eth1' set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 203.0.113.2 authentication pre-shared-secret 'SomePreSharedKey' set vpn ipsec site-to-site peer 203.0.113.2 ike-group 'office-srv-ike' @@ -204,7 +204,7 @@ Example: set vpn ipsec ike-group office-srv-ike lifetime '3600' set vpn ipsec ike-group office-srv-ike proposal 1 encryption 'aes256' set vpn ipsec ike-group office-srv-ike proposal 1 hash 'sha1' - set vpn ipsec ipsec-interfaces interface 'eth1' + set vpn ipsec interface 'eth1' set vpn ipsec site-to-site peer 198.51.100.3 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 198.51.100.3 authentication pre-shared-secret 'SomePreSharedKey' set vpn ipsec site-to-site peer 198.51.100.3 ike-group 'office-srv-ike' @@ -305,7 +305,7 @@ Imagine the following topology set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0.201' + set vpn ipsec interface 'eth0.201' set vpn ipsec site-to-site peer 172.18.202.10 authentication id '172.18.201.10' set vpn ipsec site-to-site peer 172.18.202.10 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 172.18.202.10 authentication pre-shared-secret 'secretkey' @@ -339,7 +339,7 @@ Imagine the following topology set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes256gcm128' set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256' - set vpn ipsec ipsec-interfaces interface 'eth0.202' + set vpn ipsec interface 'eth0.202' set vpn ipsec site-to-site peer 172.18.201.10 authentication id '172.18.202.10' set vpn ipsec site-to-site peer 172.18.201.10 authentication mode 'pre-shared-secret' set vpn ipsec site-to-site peer 172.18.201.10 authentication pre-shared-secret 'secretkey' |