From 1499918804a16051c44d2ee248c067f25e617185 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 29 Dec 2019 11:07:22 +0100 Subject: common-references: migrate all VyOS Phabricator references --- docs/vpn/openvpn.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs/vpn') diff --git a/docs/vpn/openvpn.rst b/docs/vpn/openvpn.rst index 69961f0c..cbb89fbe 100644 --- a/docs/vpn/openvpn.rst +++ b/docs/vpn/openvpn.rst @@ -441,8 +441,8 @@ Options ======= We do not have CLI nodes for every single OpenVPN options. If an option is -missing, a feature request should be opened at https://phabricator.vyos.net so -all users can benefit from it. +missing, a feature request should be opened at Phabricator_ so all users can +benefit from it (see :ref:`issues_features`). If you are a hacker or want to try on your own we support passing raw OpenVPN options to OpenVPN. @@ -460,3 +460,5 @@ Will add ``push "keepalive 1 10"`` to the generated OpenVPN config file. .. note:: Sometimes option lines in the generated OpenVPN configurarion require quotes. This is done through a hack on our config generator. You can pass quotes using the ``"`` statement. + +.. include:: ../common-references.rst -- cgit v1.2.3 From dd1f3291fe5d01ed20441eced4b05e0f90071ac1 Mon Sep 17 00:00:00 2001 From: Eshenko Dmitriy Date: Tue, 31 Dec 2019 01:49:00 +0300 Subject: l2tp: delete deprecated outside-nexthop --- docs/vpn/l2tp.rst | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) (limited to 'docs/vpn') diff --git a/docs/vpn/l2tp.rst b/docs/vpn/l2tp.rst index 107a42d3..768e5acd 100644 --- a/docs/vpn/l2tp.rst +++ b/docs/vpn/l2tp.rst @@ -19,7 +19,6 @@ with native Windows and Mac VPN clients): set vpn ipsec nat-networks allowed-network 0.0.0.0/0 set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret @@ -27,8 +26,7 @@ with native Windows and Mac VPN clients): set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -In the example above an external IP of 192.0.2.2 is assumed. Nexthop IP address -192.168.255.1 uses as client tunnel termination point. +In the example above an external IP of 192.0.2.2 is assumed. If a local firewall policy is in place on your external interface you will need to allow the ports below: @@ -100,7 +98,6 @@ Below is an example to configure a LNS: .. code-block:: none set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access lns shared-secret 'secret' @@ -108,8 +105,7 @@ Below is an example to configure a LNS: set vpn l2tp remote-access authentication mode local set vpn l2tp remote-access authentication local-users username test password 'test' -The example above uses 192.0.2.2 as external IP address, the nexthop is supposed -to be 192.168.255.1 and is used as client termination point. A LAC normally +The example above uses 192.0.2.2 as external IP address. A LAC normally requires an authentication password, which is set in the example configuration to ``lns shared-secret 'secret'``. This setup requires the Compression Control Protocol (CCP) being disabled, the command ``set vpn l2tp remote-access ccp-disable`` @@ -129,7 +125,6 @@ The rate-limit is set in kbit/sec. .. code-block:: none set vpn l2tp remote-access outside-address 192.0.2.2 - set vpn l2tp remote-access outside-nexthop 192.168.255.1 set vpn l2tp remote-access client-ip-pool start 192.168.255.2 set vpn l2tp remote-access client-ip-pool stop 192.168.255.254 set vpn l2tp remote-access authentication mode local -- cgit v1.2.3