Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Unset the aggressive mode settings for not IKEv1 settings | Ermal LUÇI | 2014-11-25 | 1 | -1/+4 |
| | |||||
* | fix up text | Chris Buechler | 2014-11-24 | 1 | -1/+1 |
| | |||||
* | Fixes #4015. Hide Negotiation mode when in IKEv2 since it is not required. | Ermal LUÇI | 2014-11-24 | 1 | -2/+12 |
| | |||||
* | Ticket #3987. Strongswan support autodetection of IKE version exchange. ↵ | Ermal | 2014-11-19 | 1 | -3/+3 |
| | | | | Support this by allowing an auto version in the GUI. | ||||
* | Change copyright statement to reflect reality | Jim Thompson | 2014-11-10 | 1 | -0/+1 |
| | |||||
* | strongswan only has two options for NAT-T, force or auto. | Chris Buechler | 2014-11-04 | 1 | -1/+0 |
| | |||||
* | Restore 3 values back on NAT-T settings Just Enable now its Auto as per ↵ | Ermal | 2014-11-04 | 1 | -2/+3 |
| | | | | strongswan default. and off disabled mobike. Ticket #3979 | ||||
* | Rename the options to actually make sense with strongswan | Ermal | 2014-11-04 | 1 | -2/+2 |
| | |||||
* | Remove Force options since it has not meaning for now. | Ermal | 2014-11-04 | 1 | -4/+3 |
| | |||||
* | Correct dispaly of checkboxes for ipsec | Ermal | 2014-11-02 | 1 | -2/+2 |
| | |||||
* | Fix PSK for non-ascii also here, ticket #3917 | Renato Botelho | 2014-10-14 | 1 | -0/+6 |
| | |||||
* | Correct speeling as reported by: Phil Davis via github | Ermal | 2014-09-16 | 1 | -1/+1 |
| | |||||
* | Inverse the sense of the toggles to avoid configuration upgrades | Ermal | 2014-09-12 | 1 | -6/+4 |
| | |||||
* | Provide Advanced Options for controlling rekey and reauth, might be usable ↵ | Ermal | 2014-09-12 | 1 | -0/+26 |
| | | | | with iOS devices | ||||
* | Provide a first implementation of EAP-TLS authentication with IKEv2. It is a ↵ | Ermal | 2014-09-12 | 1 | -72/+93 |
| | | | | start and might not work on all cases | ||||
* | Tidy up "vpn_ipsec_phase1.php" XHTML | Colin Fleming | 2014-05-09 | 1 | -43/+43 |
| | | | | | | | Add CDATA sections to SCRIPTS Add SUMMARY to TABLES Update HTML Boolean operators Close INPUT tags | ||||
* | Oops unbreak this | Ermal | 2014-05-09 | 1 | -2/+2 |
| | |||||
* | Remove Proposal check as a racoon thingy | Ermal | 2014-05-09 | 1 | -18/+0 |
| | |||||
* | Remove generate policy option since its not relevant with strongswan | Ermal | 2014-05-09 | 1 | -18/+0 |
| | |||||
* | Use better looking description and remove base type from negotiation. This ↵ | Ermal | 2014-05-09 | 1 | -1/+1 |
| | | | | is only IKEv1 parameter. JS will be added later | ||||
* | Allow to select IKE version to be used. | Ermal | 2014-05-09 | 1 | -0/+21 |
| | |||||
* | Check the right field here | Renato Botelho | 2014-04-29 | 1 | -1/+1 |
| | |||||
* | Move the IPsec settings from System > Advanced, Misc tab to "Advanced ↵ | jim-p | 2014-04-25 | 1 | -0/+1 |
| | | | | Settings" tab under VPN > IPsec. | ||||
* | replaced uppercase html tags with lowercase | ayvis | 2014-03-19 | 1 | -1/+1 |
| | | | | js files saved as UTF-8 / LF language="JavaScript" deprecated, replaced with type="text/javascript" | ||||
* | xhtml Compliance | ayvis | 2014-03-14 | 1 | -23/+23 |
| | | | replaced <br>, <br/> and </br> with <br /> | ||||
* | Improve checks for params 'id', 'dup' and other similar ones to make sure ↵ | Renato Botelho | 2014-03-12 | 1 | -7/+7 |
| | | | | they are numeric integer, also, pass them through htmlspecialchars() before print | ||||
* | First swing at converting from racoon to StrongSWAN. | Ermal | 2014-02-06 | 1 | -11/+0 |
| | | | | | | | | | | | | | | | | | | | | | | It allows to use existing configurations on xml to generate StrongSWAN configurations. So its only IKEv1 * Missing support for dynamic ips(hostnames) - resolver plugin of StrongSWAN needs to be configured in strongswan.conf * Authentication plugin with pfSense authentication framework - New plugin almost completed * More testing hence this being pushed now to have more broader look TODO * Integrate IKEv2 * Move dynamic IP allocation to an SQLite backend * Provide more options in authenticating as a client(initiator) * Restrict interfaces where StrongSWAN listens for incoming connections to only those configured FUTUTE * Move all configuration to SQLite backend * Integrate more authentication scenarios of IKEv2 | ||||
* | Remove call-time pass by reference for do_input_validation, helps ticket #2565 | Renato Botelho | 2013-09-12 | 1 | -1/+1 |
| | |||||
* | Make IPv4/IPv6 validation on IPSec | Renato Botelho | 2013-01-24 | 1 | -2/+23 |
| | | | | It should fix #2769 | ||||
* | Fix indent and blanks at EOL | Renato Botelho | 2013-01-24 | 1 | -30/+30 |
| | |||||
* | Update usr/local/www/vpn_ipsec_phase1.php | Ermal Luçi | 2012-11-16 | 1 | -1/+1 |
| | | | Correct missing $ | ||||
* | Standardize hypenation and capitalization of Pre-Shared Key | jim-p | 2012-10-26 | 1 | -2/+2 |
| | |||||
* | Activate new shortcuts/status in the rest of the areas that are currently setup. | jim-p | 2012-08-10 | 1 | -2/+1 |
| | |||||
* | Activate "base" exchange mode also supported by racoon. | jim-p | 2012-08-08 | 1 | -1/+1 |
| | |||||
* | Activate more Hash, DH, and PFS options that are available in racoon now. ↵ | jim-p | 2012-08-02 | 1 | -4/+2 |
| | | | | Note that SHA256-512 are RFC4868 compliant in FreeBSD, may break with other incompatible stacks. | ||||
* | Add Gateway Group support to the IPsec interface drop down. | smos | 2012-06-03 | 1 | -0/+13 |
| | | | | | | Edit of gateway group correctly reflects the new IP Address. We need to make a blacklist for interface names in the gateway group edit page. Redmine ticket #1965 | ||||
* | Merge remote-tracking branch 'upstream/master' | jim-p | 2011-07-12 | 1 | -1/+1 |
|\ | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php | ||||
| * | Merge remote-tracking branch 'mainline/master' into inc | Vinicius Coque | 2011-06-28 | 1 | -0/+5 |
| |\ | |||||
| * \ | Merge remote-tracking branch 'mainline/master' into inc | Vinicius Coque | 2011-06-07 | 1 | -0/+18 |
| |\ \ | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc | ||||
| * | | | Remove gettext from negotiation mode | Vinicius Coque | 2011-05-25 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | It is causing errors on raccon because config file were generated with translated words | ||||
* | | | | Merge remote branch 'upstream/master' | jim-p | 2011-06-22 | 1 | -0/+5 |
|\ \ \ \ | | |_|/ | |/| | | | | | | | | | | | | | | Conflicts: etc/inc/filter.inc etc/inc/util.inc | ||||
| * | | | Do not store CA and CERT in config unless needed. Will allow deleting unused ↵ | Evgeny Yurchenko | 2011-06-21 | 1 | -0/+5 |
| | |/ | |/| | | | | | | | certs. | ||||
* | | | Merge remote branch 'upstream/master' | jim-p | 2011-06-03 | 1 | -0/+18 |
|\ \ \ | |/ / | | | | | | | | | | Conflicts: etc/inc/openvpn.inc | ||||
| * | | Add a GUI selection for racoon's generate_policy directive since it may be ↵ | jim-p | 2011-06-03 | 1 | -0/+18 |
| |/ | | | | | | | useful in certain configurations, especially for mobile clients. | ||||
* | | enlarge various address fields for IPv6 addresses | Seth Mos | 2011-03-17 | 1 | -1/+1 |
| | | |||||
* | | Extend the IPsec configuration with a protocol family for the phase 1 | Seth Mos | 2011-03-14 | 1 | -0/+18 |
|/ | |||||
* | Correct variable name. This could never have deleted the static route for ↵ | smos | 2011-02-24 | 1 | -1/+1 |
| | | | | IPsec vpns on multi wan | ||||
* | Don't save CA/Cert for a PSK IPsec tunnel. | jim-p | 2011-01-31 | 1 | -0/+8 |
| | |||||
* | Ticket 1041. Fix bad commit... | Pierre POMES | 2010-12-12 | 1 | -1/+1 |
| | |||||
* | Add IPSec 'ipalias' VIP support. Ticket #1041 | Pierre POMES | 2010-12-10 | 1 | -0/+3 |
| |