vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,857 Commits 32 Branches 12 Tags
Commit Graph

635 Commits

Author SHA1 Message Date
aslanvyos
d3ef41c38f
Update site2site_ipsec.rst 
To make easily understandable the Site-to-Site VPN ikev2 configuration for users (especially if the user is new to VyOS) made the following changes:
- Added dummy interface to both routers for testing purposes
- Added static route for both routers for dummy interface
- Added this line of command: 
   set vpn ipsec option disable-route-autoinstall
   Because when we write this line after the commit action we got an error like:
WARNING: It's recommended to use ipsec vti with the next command

- corrected this line:
  set vpn ipsec site-to-site peer OFFICE-B local-address '192.168.0.10'
to this:
set vpn ipsec site-to-site peer OFFICE-B local-address '172.18.201.10'
 2023-10-18 15:24:39 +04:00
Christian Breunig
1ddce99cc8 wireless: extend example with missing country-code 2023-10-17 21:19:18 +02:00
Robert Göhler
54525f31ce
Revert "NAT: add interface-group documentation. " 2023-10-12 21:07:02 +02:00
Nicolas Fort
531c5b9c5e NAT: add interface-group documentation. Also add firewall rules for allowing destination nat connections. 2023-10-11 15:41:18 -03:00
Robert Göhler
a7c0717e5d
Merge pull request #1107 from Dibins/patch-1 
Update wireguard.rst
 2023-10-10 21:36:29 +02:00
Christian Breunig
7090b69845 T5630: pppoe: allow to specify MRU in addition to already configurable MTU 2023-10-08 09:08:35 +02:00
Dibins
7d9792b510
Update wireguard.rst 
Adding proper syntax for 1.4 firewall commands
 2023-10-05 15:50:06 -05:00
Dibins
fa84bc4b35
Second update dns.rst 
Based on the discussion here: https://forum.vyos.io/t/dynamic-dns-not-wollowing-web-options/12309 it seems necessary to note that setting the web-options on a given interface is not sufficient for determining the IP address when behind NAT. 

I've added some additional detail, which I think will make that more clear, as well as listed the commands as required to set up DDNS behind NAT. 

Further I updated the section on RFC2136 to accurately show address instead of interface
 2023-10-02 16:53:29 -05:00
Shnoobins
cf1c7eb76d
Update dns.rst 
Updated command syntax for dynamic dns - changed set service dns dynamic interface to set service dns dynamic address. 

Changed the login option from 'login' to 'username' 

Changed the web options from 'use-web' to 'web-options' 

Changed because I ran into the command syntax change on a 1.4 install. Updating documents to match.
 2023-10-02 12:40:37 -05:00
Robert Göhler
08ac110e10
Merge pull request #1101 from srividya0208/ikev2vpn 
Added details about ipsec remote-access
 2023-09-28 14:07:40 +02:00
srividya0208
3f7e9a6de9 Added details about ipsec remote-access 2023-09-28 02:41:47 -04:00
Robert Göhler
b15d0560a2
Merge pull request #1095 from aslanvyos/patch-2 
Update login.rst
 2023-09-26 22:11:13 +02:00
Robert Göhler
f635b6e714
Merge pull request #1088 from Nephiaust/2023-FirewallUpdates 
Updates to the firewall pages
 2023-09-26 22:08:20 +02:00
aslanvyos
6f8c303510
Update login.rst 
RADIUS and TACACS configuration examples were added.
Also mentioned if there is no connection between VyOS and RADIUS/TACACS servers users need to use local accounts for authentication.
 2023-09-22 16:33:23 +04:00
Viacheslav Hletenko
f7cd4483aa Add firewal synproxy 2023-09-21 15:22:34 +03:00
Nephiaust
7d07926f37
Added new section about the different firewalls 
Updated labels for the pages
Added new pictures.

Signed-off-by: Nephiaust <29741794+Nephiaust@users.noreply.github.com>
 2023-09-18 01:08:00 +09:30
Nephiaust
d9a978cf58
Change ref firewall for int groups to be unique 
Signed-off-by: Nephiaust <29741794+Nephiaust@users.noreply.github.com>
 2023-09-17 23:28:53 +09:30
Nephiaust
b5ce5a2eba
Fixed bad formatting for code-blocks 
Signed-off-by: Nephiaust <29741794+Nephiaust@users.noreply.github.com>
 2023-09-17 23:27:53 +09:30
Robert Göhler
9688bca70d
Merge pull request #1063 from NickAnderegg/overview-nftables-translation 
quick-start: update firewall tutorials to reflect nftables-based firewall commands
 2023-09-13 20:46:17 +02:00
Christian Breunig
55b1909b03 vrf: add NAT example 2023-09-13 19:11:17 +02:00
John Estabrook
93c8726ab9
Merge pull request #1075 from dmbaturin/T5270-openvpn-peer-fingerprint 
openvpn: Add peer fingerprint mode
 2023-09-13 09:54:20 -05:00
Daniil Baturin
14633c945f openvpn: Add peer fingerprint mode 2023-09-13 15:39:58 +01:00
Nick Anderegg
1e8c862c55 chore: fix formatting and add linter comments 2023-09-12 21:36:25 -04:00
Nick Anderegg
63ff118d8a quick-start: add notice about changes to firewall backend 2023-09-12 20:55:59 -04:00
Robert Göhler
0a2c9463b9
Merge pull request #1076 from nicolas-fort/Firewall_new_cli_update 
Firewall refactor: add visible note in firewall docs:
 2023-09-11 20:37:43 +02:00
Yuxiang Zhu
44f64352e3 T5518: Document protocols pim6 2023-09-10 20:36:09 +08:00
Christian Breunig
d80690d563 vxlan: T3700: support VLAN tunnel mapping of VLAN aware bridges 2023-09-09 07:27:57 +02:00
Nicolas Fort
24d9c9b9d0 Firewall refactor: add visible note in firewall docs: zone, quick-start and config blueprint zone-policy 2023-09-08 09:49:02 -03:00
srividya0208
54bdc76b3b correction of ipsec compression syntax and added a reference 
for changes done for zone based firewall
 2023-09-04 02:49:17 -04:00
Robert Göhler
02aafc3df3
Merge pull request #1065 from giga1699/T5447 
MACsec: Document static key configuration
 2023-08-26 21:45:51 +02:00
Giga Murphy
c3796b825a MACsec: Document static key configuration 2023-08-26 03:01:39 +00:00
srividya0208
b5db744ad6 firewall: correction of default-action for rule-set 2023-08-25 14:13:44 -04:00
fett0
0317aa327d l3vpn : add label allocation mode documentation 2023-08-23 13:54:19 -03:00
Christian Breunig
f600198501 wifi: fix CLI nodes for country-code definition 2023-08-19 16:43:17 +02:00
Christian Breunig
abd405b91e T5409: add per-client-thread CLI option for wireguard and wireless interfaces 2023-08-17 22:01:54 +02:00
Christian Breunig
f6a30534bd l3vpn: T5338: fix review comment 2023-08-16 21:41:23 +02:00
Christian Breunig
aa7bd60c02
Merge pull request #1043 from aapostoliuk/T5338-sagitta 
l3vpn: T5338: Added 'protocols bgp interface <int> mpls forwarding'
 2023-08-16 21:39:12 +02:00
Christian Breunig
1cbd6eb89c
Merge pull request #1035 from nicolas-fort/T5160-new_fwall_cli 
T5160: New firewall cli - Update documentation for new firewall structure
 2023-08-16 21:38:08 +02:00
Nicolás Fort
bea877c627
Update release version on index 2023-08-14 06:42:11 -03:00
Nicolas Fort
d1d64ac44d T5014: add NAT Load Balance commands and configuration example. 2023-08-08 08:23:33 -03:00
Christian Breunig
5e4eadf0a1 T5445: dyndns: add possibility to specify update interval (timeout) 2023-08-06 14:34:35 +02:00
Ricardo Figueiredo
75634be59b
pppoe-server: T5418: remove nonexistent restriction (#1052) 2023-07-31 15:50:54 +01:00
Robert Göhler
8f3ae555b3
Merge pull request #1051 from marek22k/master 
L2TPv3: Fix typo
 2023-07-28 21:21:07 +02:00
Christian Breunig
14c4fac22b openvpn: T4974: merge two DCO docs 2023-07-27 16:27:17 +02:00
Christian Breunig
5299c30942
Merge pull request #1049 from fett0/Openvpn-dco-doc 
OpenVPN : add documetation DCO on VyOS
 2023-07-27 16:24:46 +02:00
Christian Breunig
ada1da9377 openvpn: T4974: fix typo 2023-07-27 11:28:21 +02:00
Christian Breunig
aebb422f67 openvpn: T4974: add data channel offload CLI documentation 2023-07-27 11:27:08 +02:00
Marek Küthe
04b4ec90a7
L2TPv3: Fix typo 
The previous RFC pointed to the XMPP (Instant Messaging Standard) specification.
 2023-07-26 15:06:37 +02:00
Christian Breunig
8d0279a0f0 ospf: T5377: add graceful restart FRR feature (RFC 3623) 2023-07-25 23:13:35 +02:00
fett0
e93afe3d33 OpenVPN : add documetation DCO on VyOS 2023-07-24 16:47:44 -03:00