CLOUDSTACK-4565 review comments on VPN

2025-11-02 20:02:29 +01:00 · 2013-09-05 11:43:36 +05:30 · 2013-09-05 11:43:36 +05:30 · 4db232762c
commit 4db232762c
parent 0fb2014d19
4 changed files with 40 additions and 23 deletions
--- a/docs/en-US/configure-vpn.xml
+++ b/docs/en-US/configure-vpn.xml
@ -22,7 +22,7 @@
 	under the License.
 -->	
 <section id="configure-vpn">
-	<title>Configuring VPN</title>
+	<title>Configuring Remote Access VPN</title>
 	<para>To set up VPN for the cloud:</para>
 	<orderedlist>
 		<listitem><para>Log in to the &PRODUCT; UI as an administrator or end user. </para></listitem>
--- a/docs/en-US/using-vpn-with-mac.xml
+++ b/docs/en-US/using-vpn-with-mac.xml
@ -23,7 +23,7 @@
 -->

 <section id="using-vpn-with-mac">
-    <title>Using VPN with Mac OS X</title>
+    <title>Using Remote Access VPN with Mac OS X</title>
    <para>First, be sure you've configured the VPN settings in your &PRODUCT; install. This section is only concerned with connecting via Mac OS X to your VPN.</para>
    <para>Note, these instructions were written on Mac OS X 10.7.5. They may differ slightly in older or newer releases of Mac OS X.</para>
    <orderedlist>
--- a/docs/en-US/using-vpn-with-windows.xml
+++ b/docs/en-US/using-vpn-with-windows.xml
@ -23,7 +23,7 @@
 -->

 <section id="using-vpn-with-windows">
-    <title>Using VPN with Windows</title>
+    <title>Using Remote Access VPN with Windows</title>
    <para>The procedure to use VPN varies by Windows version.  Generally, the user must edit the VPN properties and make sure that the default route is not the VPN. The following steps are for Windows L2TP clients on Windows Vista. The commands should be similar for other Windows versions.</para>
    <orderedlist>
        <listitem id="source-nat"><para>Log in to the &PRODUCT; UI and click on the source NAT IP for the account. The VPN tab should display the IPsec preshared key. Make a note of this and the source NAT IP. The UI also lists one or more users and their passwords. Choose one of these users, or, if none exists, add a user and password.</para></listitem>
--- a/docs/en-US/vpn.xml
+++ b/docs/en-US/vpn.xml
@ -22,24 +22,41 @@
 	under the License.
 -->
 <section id="vpn">
-	<title>VPN</title>
-	<para>&PRODUCT; account owners can create virtual private networks (VPN) to access their virtual machines. If the guest network is instantiated from a network offering that offers the Remote Access VPN service, the virtual router (based on the System VM) is used to provide the service. &PRODUCT; provides a L2TP-over-IPsec-based remote access VPN service to guest virtual networks.  Since each network gets its own virtual router, VPNs are not shared across the networks. VPN clients native to Windows, Mac OS X and iOS can be used to connect to the guest networks.  The account owner can create and manage users for their VPN.  &PRODUCT; does not use its account database for this purpose but uses a separate table. The VPN user database is shared across all the VPNs created by the account owner. All VPN users get access to all VPNs created by the account owner.</para>
-	<note><para>Make sure that not all traffic goes through the VPN.  That is, the route installed by the VPN should be only for the guest network and not for all traffic.</para></note>
-	<para></para>
-	<itemizedlist>
-	<listitem><para><emphasis role="bold">Road Warrior / Remote Access</emphasis>. Users want to be able to
-				connect securely from a home or office to a private network in the cloud. Typically,
-				the IP address of the connecting client is dynamic and cannot be preconfigured on
-				the VPN server.</para></listitem>
-	<listitem><para><emphasis role="bold">Site to Site</emphasis>. In this scenario, two private subnets are
-				connected over the public Internet with a secure VPN tunnel. The cloud user’s subnet
-				(for example, an office network) is connected through a gateway to the network in
-				the cloud. The address of the user’s gateway must be preconfigured on the VPN server
-				in the cloud. Note that although L2TP-over-IPsec can be used to set up Site-to-Site
-				VPNs, this is not the primary intent of this feature. For more information, see <xref linkend="site-to-site-vpn"/></para></listitem>
-	</itemizedlist>
-	<xi:include href="configure-vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-	<xi:include href="using-vpn-with-windows.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-	<xi:include href="using-vpn-with-mac.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-	<xi:include href="site-to-site-vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+  <title>Remote Access VPN</title>
+  <para>&PRODUCT; account owners can create virtual private networks (VPN) to access their virtual
+    machines. If the guest network is instantiated from a network offering that offers the Remote
+    Access VPN service, the virtual router (based on the System VM) is used to provide the service.
+    &PRODUCT; provides a L2TP-over-IPsec-based remote access VPN service to guest virtual networks.
+    Since each network gets its own virtual router, VPNs are not shared across the networks. VPN
+    clients native to Windows, Mac OS X and iOS can be used to connect to the guest networks. The
+    account owner can create and manage users for their VPN. &PRODUCT; does not use its account
+    database for this purpose but uses a separate table. The VPN user database is shared across all
+    the VPNs created by the account owner. All VPN users get access to all VPNs created by the
+    account owner.</para>
+  <note>
+    <para>Make sure that not all traffic goes through the VPN. That is, the route installed by the
+      VPN should be only for the guest network and not for all traffic.</para>
+  </note>
+  <para/>
+  <itemizedlist>
+    <listitem>
+      <para><emphasis role="bold">Road Warrior / Remote Access</emphasis>. Users want to be able to
+        connect securely from a home or office to a private network in the cloud. Typically, the IP
+        address of the connecting client is dynamic and cannot be preconfigured on the VPN
+        server.</para>
+    </listitem>
+    <listitem>
+      <para><emphasis role="bold">Site to Site</emphasis>. In this scenario, two private subnets are
+        connected over the public Internet with a secure VPN tunnel. The cloud user’s subnet (for
+        example, an office network) is connected through a gateway to the network in the cloud. The
+        address of the user’s gateway must be preconfigured on the VPN server in the cloud. Note
+        that although L2TP-over-IPsec can be used to set up Site-to-Site VPNs, this is not the
+        primary intent of this feature. For more information, see <xref linkend="site-to-site-vpn"
+        /></para>
+    </listitem>
+  </itemizedlist>
+  <xi:include href="configure-vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+  <xi:include href="using-vpn-with-windows.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+  <xi:include href="using-vpn-with-mac.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
+  <xi:include href="site-to-site-vpn.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
 </section>