summaryrefslogtreecommitdiffstats
path: root/usr/local/www/vpn_ipsec_phase1.php
Commit message (Collapse)AuthorAgeFilesLines
* Unset the aggressive mode settings for not IKEv1 settingsErmal LUÇI2014-11-251-1/+4
|
* fix up textChris Buechler2014-11-241-1/+1
|
* Fixes #4015. Hide Negotiation mode when in IKEv2 since it is not required.Ermal LUÇI2014-11-241-2/+12
|
* Ticket #3987. Strongswan support autodetection of IKE version exchange. ↵Ermal2014-11-191-3/+3
| | | | Support this by allowing an auto version in the GUI.
* Change copyright statement to reflect realityJim Thompson2014-11-101-0/+1
|
* strongswan only has two options for NAT-T, force or auto.Chris Buechler2014-11-041-1/+0
|
* Restore 3 values back on NAT-T settings Just Enable now its Auto as per ↵Ermal2014-11-041-2/+3
| | | | strongswan default. and off disabled mobike. Ticket #3979
* Rename the options to actually make sense with strongswanErmal2014-11-041-2/+2
|
* Remove Force options since it has not meaning for now.Ermal2014-11-041-4/+3
|
* Correct dispaly of checkboxes for ipsecErmal2014-11-021-2/+2
|
* Fix PSK for non-ascii also here, ticket #3917Renato Botelho2014-10-141-0/+6
|
* Correct speeling as reported by: Phil Davis via githubErmal2014-09-161-1/+1
|
* Inverse the sense of the toggles to avoid configuration upgradesErmal2014-09-121-6/+4
|
* Provide Advanced Options for controlling rekey and reauth, might be usable ↵Ermal2014-09-121-0/+26
| | | | with iOS devices
* Provide a first implementation of EAP-TLS authentication with IKEv2. It is a ↵Ermal2014-09-121-72/+93
| | | | start and might not work on all cases
* Tidy up "vpn_ipsec_phase1.php" XHTMLColin Fleming2014-05-091-43/+43
| | | | | | | Add CDATA sections to SCRIPTS Add SUMMARY to TABLES Update HTML Boolean operators Close INPUT tags
* Oops unbreak thisErmal2014-05-091-2/+2
|
* Remove Proposal check as a racoon thingyErmal2014-05-091-18/+0
|
* Remove generate policy option since its not relevant with strongswanErmal2014-05-091-18/+0
|
* Use better looking description and remove base type from negotiation. This ↵Ermal2014-05-091-1/+1
| | | | is only IKEv1 parameter. JS will be added later
* Allow to select IKE version to be used.Ermal2014-05-091-0/+21
|
* Check the right field hereRenato Botelho2014-04-291-1/+1
|
* Move the IPsec settings from System > Advanced, Misc tab to "Advanced ↵jim-p2014-04-251-0/+1
| | | | Settings" tab under VPN > IPsec.
* replaced uppercase html tags with lowercaseayvis2014-03-191-1/+1
| | | | js files saved as UTF-8 / LF language="JavaScript" deprecated, replaced with type="text/javascript"
* xhtml Complianceayvis2014-03-141-23/+23
| | | replaced <br>, <br/> and </br> with <br />
* Improve checks for params 'id', 'dup' and other similar ones to make sure ↵Renato Botelho2014-03-121-7/+7
| | | | they are numeric integer, also, pass them through htmlspecialchars() before print
* First swing at converting from racoon to StrongSWAN.Ermal2014-02-061-11/+0
| | | | | | | | | | | | | | | | | | | | | | It allows to use existing configurations on xml to generate StrongSWAN configurations. So its only IKEv1 * Missing support for dynamic ips(hostnames) - resolver plugin of StrongSWAN needs to be configured in strongswan.conf * Authentication plugin with pfSense authentication framework - New plugin almost completed * More testing hence this being pushed now to have more broader look TODO * Integrate IKEv2 * Move dynamic IP allocation to an SQLite backend * Provide more options in authenticating as a client(initiator) * Restrict interfaces where StrongSWAN listens for incoming connections to only those configured FUTUTE * Move all configuration to SQLite backend * Integrate more authentication scenarios of IKEv2
* Remove call-time pass by reference for do_input_validation, helps ticket #2565Renato Botelho2013-09-121-1/+1
|
* Make IPv4/IPv6 validation on IPSecRenato Botelho2013-01-241-2/+23
| | | | It should fix #2769
* Fix indent and blanks at EOLRenato Botelho2013-01-241-30/+30
|
* Update usr/local/www/vpn_ipsec_phase1.phpErmal Luçi2012-11-161-1/+1
| | | Correct missing $
* Standardize hypenation and capitalization of Pre-Shared Keyjim-p2012-10-261-2/+2
|
* Activate new shortcuts/status in the rest of the areas that are currently setup.jim-p2012-08-101-2/+1
|
* Activate "base" exchange mode also supported by racoon.jim-p2012-08-081-1/+1
|
* Activate more Hash, DH, and PFS options that are available in racoon now. ↵jim-p2012-08-021-4/+2
| | | | Note that SHA256-512 are RFC4868 compliant in FreeBSD, may break with other incompatible stacks.
* Add Gateway Group support to the IPsec interface drop down.smos2012-06-031-0/+13
| | | | | | Edit of gateway group correctly reflects the new IP Address. We need to make a blacklist for interface names in the gateway group edit page. Redmine ticket #1965
* Merge remote-tracking branch 'upstream/master'jim-p2011-07-121-1/+1
|\ | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
| * Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-06-281-0/+5
| |\
| * \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-06-071-0/+18
| |\ \ | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc
| * | | Remove gettext from negotiation modeVinicius Coque2011-05-251-1/+1
| | | | | | | | | | | | | | | | | | | | It is causing errors on raccon because config file were generated with translated words
* | | | Merge remote branch 'upstream/master'jim-p2011-06-221-0/+5
|\ \ \ \ | | |_|/ | |/| | | | | | | | | | | | | | Conflicts: etc/inc/filter.inc etc/inc/util.inc
| * | | Do not store CA and CERT in config unless needed. Will allow deleting unused ↵Evgeny Yurchenko2011-06-211-0/+5
| | |/ | |/| | | | | | | certs.
* | | Merge remote branch 'upstream/master'jim-p2011-06-031-0/+18
|\ \ \ | |/ / | | | | | | | | | Conflicts: etc/inc/openvpn.inc
| * | Add a GUI selection for racoon's generate_policy directive since it may be ↵jim-p2011-06-031-0/+18
| |/ | | | | | | useful in certain configurations, especially for mobile clients.
* | enlarge various address fields for IPv6 addressesSeth Mos2011-03-171-1/+1
| |
* | Extend the IPsec configuration with a protocol family for the phase 1Seth Mos2011-03-141-0/+18
|/
* Correct variable name. This could never have deleted the static route for ↵smos2011-02-241-1/+1
| | | | IPsec vpns on multi wan
* Don't save CA/Cert for a PSK IPsec tunnel.jim-p2011-01-311-0/+8
|
* Ticket 1041. Fix bad commit...Pierre POMES2010-12-121-1/+1
|
* Add IPSec 'ipalias' VIP support. Ticket #1041Pierre POMES2010-12-101-0/+3
|
OpenPOWER on IntegriCloud