Project

General

Profile

Download (11.6 KB) Statistics
| Branch: | Tag: | Revision:

root/etc/inc/ipsec.inc @ a0e157e9

# Date Author Comment
8f5c3d8d 12/28/2010 09:23 PM Pierre POMES

Ticket #1116: anonymous sainfo may be used only for single phase2 ipsec VPN's
25f6730a 12/11/2010 01:42 AM Pierre POMES

Add IPSec 'ipalias' VIP support. Ticket #1041
9734b054 11/10/2010 05:00 PM Scott Ullrich

Remove trailing carriage return
958420c5 05/06/2010 07:06 PM Jim Pingle

Bring back IPsec PSK Tab/Edit. Part of ticket #108. Still needs backend code to use the resulting keys.
63017a73 03/16/2010 01:08 PM Ermal Luçi

Ticket #430. Give a none option to allow for roadwarriors configs.
1703e5c5 12/03/2009 03:49 AM Scott Ullrich

Revert "Turn off xauth by default. Ticket #108"

This reverts commit 7998c3f280370991beca62c6a99ae6dd6051228a.
7998c3f2 12/03/2009 03:25 AM Scott Ullrich

Turn off xauth by default. Ticket #108
523855b0 09/12/2009 07:34 PM Scott Ullrich

Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions
afb2de1b 04/22/2009 11:53 AM Ermal Luçi
  • Make the carp ip fix for ipsec more general so other services that use the same methodology work.
    - Basically get_interface_ip() now knows how to handle carp(4).
  • Move interface related function from pfsense-utils.inc to interfaces.inc that is their place....
924876a8 04/22/2009 09:21 AM Ermal Luçi
  • Fix ipsec over carp handling.
  • do not useinterface in Upper case when working on the backends.
  • Do not print Configuring IPSec during bootup if there is nothing configured.
a55e9c70 03/30/2009 12:38 AM Ermal Luçi
  • Hide interfaces internals to other code and use the propper interfaces.
    Basically use get_interface*() functions instead of accessing fields like 'ipaddr'/'descr' etc...
  • Make get_interfaces_with_gateway less heavyweight by getting information from the configuration stored in config.xml...
4b96b367 03/15/2009 06:18 AM mgrooms

Modify IPsec code to allow for transport mode. All existing configurations are
marked as tunnel for backwards compatibility. There are problems with the spd
read code which Will likely choke on transport entries. We can fix this later.
30bc15cf 02/27/2009 06:18 AM Bill Marquette

fix display of ipsec tunnel status when using DNS entries for the endpoints
c7ce85b5 01/16/2009 08:30 AM Seth Mos

Correctly return phase2 status for tunnels with hostnames
d799787e 08/26/2008 04:48 AM Matthew Grooms

Rework most of the OpenVPN support. The interfaces have been updated to
not use the pkg system and the configuration has been migrated to an
openvpn prefix. The centralized user and certificate manager is now used
to support the openvpn configurations. Most of the files removed in this...
0af7398a 08/02/2008 02:04 AM Matthew Grooms

Remove the vpn_endpoint_determine function. It did not work properly when
CARP devices were in use. Use the newer ipsec_get_phase1_src instead.
3462a529 07/13/2008 11:28 PM Matthew Grooms

Introduce a new and improved version of IPsec mobile client support. The
mobile client tab is now used to configure user authentication (Xauth) and
client configuration (mode-cfg) options. User authentication is currently
limited to system password file entries. This will be extended to support...
a93e56c5 07/11/2008 01:55 AM Matthew Grooms

Overhaul IPsec related code. Shared functions have been consolidated into
a new file named /etc/ipsec.inc. Tunnel definitions have been split into
phase1 and phase2. This allows any number of phase2 definitions to be
created for a single phase1 definition. Several facets of configuration...